There are various areas you should troubleshoot FIRST with FF and Certificates.
Shortest possible answer to 99% of problems with FF + Certificates:
Longer troubleshooting (which you absolutely must go thru before we can do anything more… and you must do these step by step.)
Step 1: Check the compatibility chart first https://kb.policypak.com/kb/article/344-firefox-what-versions-of-the-policypak-cse-support-managing-certificates-in-what-versions-of-firefox
Step 2: Watch the PolicyPak and Firefox cert video for a how-to https://kb.policypak.com/kb/article/709-policypak-manage-firefox-certificates/
Step 3:
The most common reason certificates fail to import is because they are the WRONG FORMAT.
PolicyPak only imports certificates which are ALREADY in what’s called the BINARY DER format.
Full details on how to do this are in the document
PolicyPak Application Settings Manager – Using the Firefox Pak.PDF
Located in the customer portal.
If you are UNSURE if your cert is BINARY DER or not, here’s what you can do to ENSURE that it is BINARY DER.
If the CERT is a-ok inside Firefox ALREADY, you can then EXPORT it like this to ensure it is a BINARY DER file.
When you save, save it as a .DER extension.
Step 4: Look at the PolicyPak ppSwitched.log file
Look in appdatalocalusernamepolicypakpolicypak application manager inside ppSwitched.log.
Does it appear that PolicyPak is trying at all?
Processing FF: Certificates
{
Adding certificate C:\ABC.cer to root store. Replace interval: always
Adding certificate C:\DEF.cer to ca store. Replace interval: always
}
If yes, that’s good.
Step 5: Is the PolicyPak Firefox Plug in working?
You can also use Firefox’s log by being on any page and clicking Ctrl+Shift+J.
In the log below certificates being added to the proper stores. You can also see ERROR CONDITIONS as well which are helpful for troubleshooting.
Step 5: Other reasons your cert just isn’t working
Step 6: Send us your cert, and we’ll send you ours.
We can try to see if YOUR CERT works in OUR environment.
We can also send you OUR TEST CERT and see if it works in YOURs.