Firefox Prompts for Credentials in Transparent SGOS Deployments Using SSL Interception
Last Updated May 13, 2017
Before applying the fix provided in this article, refer to:
KB article 000027763 to configure transparent authentication while doing SSL Interception with a Microsoft PKI
KB article 000011330 if you are using a self-signed certificate
This article was written using the following software for testing:
SGOS 184.108.40.206 and 220.127.116.11
Windows 2008 Enterprise Server SP2 PKI.
Mozilla Firefox 18.104.22.168
Mozilla Firefox prompts for authentication credentials, this message displays the virtual URL used for authentication.
If we follow the steps provided in the articles mentioned previously, we will be configuring the hostname of the ProxySG as the virtual URL used for authentication. By default, Firefox does not allow automatic NTLM authentication to sites that are not FQDN, meaning that when we are redirected to this virtual URL, it will ask for credentials before it can successfully authenticate the user, as the browser will not recognize the name as an FQDN.
Change the default behavior of automatic authentication for non-fqdn sites.
In Mozilla Firefox, enter about:config in the Address bar.
In the configuration screen, enter NTLM in the Search bar.
Right click on network.automatic-ntlm-auth.allow-non-fqdn
Note: There is no need for a browser restart.
Imported Document ID: 000032030
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe