Certificate with Extended Key Usage Only Works in Firefox

Firefox SEC_ERROR_INADEQUATE_CERT_TYPE with NO Enhanced Key Usage

I have found the issue, I had accidentally included the Authority Key Identifier extension on the Root CA, which upset Firefox, presumably as it pointed to itself, all the other browsers must of spotted it shouldn't be there and ignored it!

Why do I get a certificate error in Firefox ONLY?

I'm going to leave this here in case someone else has the same or similar problem:

I had installed my private key and certificate on the Synology server, but had failed to include the Intermediate Certificates in the package.

Apparently, Firefox maintains a separate Certificate Store from IE and Chrome, which already come with the necessary Comodo Intermediates.

On some machines, Firefox already had the necessary Intermediates, from other sites that had provided them, but on these other machines where Firefox was rarely used, it was basically a blank slate. After installing Intermediates Certificates on the Synology server, everything was fine.

How can I choose a different client certificate in Firefox?

You need to clear SSL session state of your browser. Take a look at my anwer to a similar question:

in Firefox choose History -> Clear Recent History... and then select "Active Logins" and click "Clear Now".

---

Related Topics