Firefox reports 'sec_error_inadequate_key_usage' when accessing the proxy's SSL-based Virtual Authentication URL

Solutions ID:    KB5117
Version:    2.0
Status:    Published
Published date:    05/11/2012
Updated:    09/17/2013

Problem Description

After following KB3700, or implementing SSL Interception in a transparent proxy deployment, Firefox users receive a sec_error_inadequate_key_usage browser error.


The reason for the key usage error has to do with the certificates in use on the proxy in this scenario.  After implementing a subordinate CA certificate for SSL interception, Proxy administrators will typically set the same certificate in the Reverse proxy service used for transparently redirected authentication.  While this is okay for Internet Explorer, Firefox (as of version 3.6) provides the above error.

The solution to this issue is to install a Web server certificate (instead of the Subordinate CA certificate used for SSL interception) for use in the SSL Reverse Proxy service. Firefox then accepts the certificate as a valid type when user requests are redirected to the SSL Reverse Proxy service to authenticate.

Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question