Firefox disconnects websockets connection for a self signed certificate

Question

I am trying to make websocket connection to a backend server that uses a self-signed certificate. In firefox I\'ve added an exception for the self-signed cert.

Howev

Answer 1

Just in case it could help anyone, what is mentioned in OP's answer is not true at this time of writing (v61.0.1).

I navigated to the address of my WS server using https, as any WS server is practically an HTTP server, then the usual invalid certificate screen appeared and allowed me to add an exception. After that any wss connection made to the same host and port is successful.

Answer 2

Firefox works with secure websockets (wss://) only when the certificate of the site is trusted.

With a self-signed certificate I was able to browse the site by adding an exception to the certificate. The exception is not used for websockets and the connection was dropped during the ssl handshake.

Instead I created my own Root CA cert and then another signed cert for the webserver. In Options > View Certificates > Authorities I imported the Root cert. Now firefox is able to connect over secure websockets without any issue.

Firefox does not allow for importing of self-signed certs as Authorities. Windows Certificate manager allows importing of self signed certs into the "Trusted Root Certificate Authorities" list.