Vision
Products
- OLFEO SSE
  SWG
  Web security made easy
  DNS
  Security through DNS filtering
  CASB
  The Cloud Access Security Broker for securing the use of SaaS applications
  Log Connector
  Integrate Olfeo with your SIEM or XDR solutions
- OLFEO ON-PREMISE
  Secure Web Gateway
  The highest level of web security within your IT perimeter
  DNS Filtering
  Olfeo web security for unmanaged devices and workstations
- OLFEO AWARENESS
  Awareness
  The e-learning solution to raise your employees' awareness of cyber risks
- OLFEO DATABASE
  URL
  Olfeo's white label URL database
  SaaS Application
  Olfeo's white-label SaaS application database
Solutions
- BY BUSINESS SECTOR
  Local authorities
  Town halls, intermunicipal authorities, communities of municipalities
  Health
  Hospitals, clinics, university centers
  Education
  Elementary schools, middle schools, high schools, universities
  OIV, EE, and EI
  Operators of Vital Importance, Essential Entities, and Important Entities
- BY USE CASE
  Web filtering in the workplace: protection, productivity, and compliance
  Everything you need to know about Secure Web Gateway
  Understanding Security Service Edge (SSE)
  Never without my Proxy: the love story of Firewalls and Proxies in business
  What is URL filtering?
  Shadow IT: the hidden side of your internal infrastructure
  Understanding Zero Trust Network Access (ZTNA)
Resources
- RESOURCES
  White papers
  Olfeo expertise for everyone.
  Videos
  Check out the videos and tutorials
- BLOG
  News
  News, tutorials, and opinions
  Podcasts
  Listen to cyber news and issues by Olfeo
- TESTIMONIALS
  Val d'Oise Department Poitiers University Hospital Roederer Champagnes Carcassonne Town Hall Greater Cognac Area
- GLOSSARY
  We break down cyber terms for you
Partners
- PARTNERS
- Become a partner
  Find out how to join the Olfeo partner network
- Technology alliances
  Find Olfeo's partners and technology integrations
Support
- Support
  Your access to Olfeo teams
- Technical documentation
  See all our documentation and release notes for our products
- Knowledge base
  Discover our technical articles and Olfeo knowledge bases
- Classification request
  Contact Olfeo to add an unknown URL to the filter database.

Ekinops Contact us

KB No. 04: Using Firefox with Olfeo SaaS

Description

This knowledge base article will guide you through configuring Firefox for optimal use with the Olfeo SaaS Mail Agent.

Background

In order for traffic from Firefox to be properly covered by Olfeo SaaS, HTTPS traffic must be decrypted. To do this, Olfeo SaaS issues entity certificates on behalf of the sites visited. In order for the TLS security chain to be respected, Firefox must have the Olfeo SaaS Certification Authority (CA) certificate to confirm that the entity certificates issued are valid because they were issued by a certification authority (CA) that Firefox "knows."

This CA certificate is installed (and updated if necessary) by the Olfeo SaaS Mail Agent in the OS certificate store.

By default, Firefox uses its own certificate store.

Without specific instructions, Firefox will not recognize the CA certificate and the connection will fail with a Firefox error message such as ERR_TUNNEL_CONNECTION_FAILED (or similar).

The challenge here is to ensure that Firefox uses the Windows certificate store.

Prerequisites

You must:

Have a Windows computer with Firefox installed and an account with administrator rights on that computer.

Procedure

Open Firefox
Type about:config in the address bar
If necessary, accept the warnings.
Enter enterprise_roots.enabled in the preferences search bar to add a new Boolean configuration item and set its value to 'true'.

Tags: Firefox, Agent, ERR_TUNNEL, UC-04