Firefox reports 'sec_error_inadequate_key_usage' when accessing the proxy's SSL-based Virtual Authentication URL


<< Back to Knowledge Search

Solution

Overview

After following KB3700, or implementing SSL Interception in a transparent proxy deployment, Firefox users receive a sec_error_inadequate_key_usage browser error.

Cause
Resolution

The reason for the key usage error has to do with the certificates in use on the proxy in this scenario.  After implementing a subordinate CA certificate for SSL interception, Proxy administrators will typically set the same certificate in the Reverse proxy service used for transparently redirected authentication.  While this is okay for Internet Explorer, Firefox (as of version 3.6) provides the above error.

The solution to this issue is to install a Web server certificate (instead of the Subordinate CA certificate used for SSL interception) for use in the SSL Reverse Proxy service. Firefox then accepts the certificate as a valid type when user requests are redirected to the SSL Reverse Proxy service to authenticate.

Workaround
Additional Information
Bug Number
InQuira Doc IdKB5117
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Article Number      000016911
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat