Firefox does not trusts vCenter signed CA certificates

Ivo Beerens
Date : February 13, 2018
Categories : vcenter-2
Tags : certificate ,vcenter ,vcsa

For a vCenter Server environment I replaced the default SSL certificates with CA signed SSL certificates. The Platform Service Controller (PSC) is configured as VMCA subordinate CA. When opening the vSphere Web/HTML5 Client, Firefox displays the following warning: Your connection is not secure.

This is because Firefox does not trust root certificates in the Windows certificate store. Since Firefox 49 a new option is included which allows Firefox to trust root certificates. This option is not enabled by default.

The following steps illustrate how to configure Firefox to use the Windows certificate store:

Open Firefox
In the address bar type: about:config
Accept the warning
Navigate to Preference name: security.enterprise_roots.enabled
Set the value to: true

Firefox now trust the root certificates in the Windows certificate store.