On Mon, 2016-12-05 at 15:37 +0100, Florian Weimer wrote:
If I remember correctly, the browser accessing a captive portal does
not
use the regular user Firefox profile, so we either have to preload
its
profiles with intermediate CAs, or copy them over from the user's
Firefox profile.
The browser uses WebKit, which will probably never support caching
intermediate certificates because I think deterministic certificate
validation behavior is highly desirable [1]. So copying intermediate
certificates is not an option.
Michael
[1]
https://blogs.gnome.org/mcatanzaro/2015/01/30/mozilla-is-responsible-for-...