Hāpara Filter troubleshooting: Firefox complains about HTTPS certificate safety Follow
In this article:
Why this happens
On Firefox 76.0.1 and higher, students connecting to HTTPS sites may see warning screens like the one shown below.
This happens because beginning with version 76.0.1, Firefox, by default, has stopped trusting the Windows Certificate Store and instead consults with its own trusted root CA certificate list. Therefore, the Hāpara Filter certificate installed in the Windows system certificate store is not trusted.
This affects all proxy products by all its vendors.
How to fix it
There are two ways to adjust your Firefox settings to resolve this issue:
Change Firefox settings in the browser
To change the Firefox settings in the browser:
- Type “about:config” into the Firefox address bar
- Type “security.enterprise_roots.enabled”
- Change the value to “true”
Change Firefox settings using GPO to multiple computers
To deploy this configuration change using GPO, please follow the instructions below.
Note, this process requires that Firefox is installed in the default location on the client computers.
- Add the files ‘deledao.cfg’ and ‘local-settings.js’ to a network share using this zip. Ensure that the share has read permissions for ‘Domain Computers.’
- Create/Edit a group policy in Group Policy Management.
- Edit the settings in ‘Computer Configuration > Preferences > Windows Settings > Files.’
- Right-click and select ‘New File.’
- Point the ‘Source File’ to deledao.cfg on the Network Share.
- Point the ‘Destination’ file to be C:\Program Files\Mozilla Firefox\deledao.cfg and ‘Apply.’
- Repeat the above steps to copy 'deledao.cfg' to C:\Program Files (x86)\Mozilla Firefox\deledao.cfg.
- Repeat the above steps to copy ‘local-settings.js’ to C:\Program Files\Mozilla Firefox\defaults\pref\local-settings.js.
- Repeat the above steps to copy ‘local-settings.js’ to C:\Program Files (x86)\Mozilla Firefox\defaults\pref\local-settings.js.