I am using self-signed certificates to connect to my search heads using SSL. After upgrading to the latest version of Firefox (31+), I now receive the following error message when trying to connect.
Secure Connection Failed
An error occurred during a connection to x.x.x.x:8000. Issuer certificate is invalid. (Error code: sec_error_ca_cert_invalid)
What needs to be done to enable SSL communication to my search heads?
Is Firefox not prompting you to allow an exception? You should be able to import and trust the search head's certificate into Firefox's trust store, or at the very least allow a permanent exception for that certificate.
In this case, there is no option to allow an exception.
Mozilla added a new certificate verification feature to their Firefox browser (starting with version 31) called PKIX. You will need to disable this feature to use your own self-signed certificate. You may do the following to accomplish this.
You should now be able to use Mozilla Firefox to access your search head using a self-signed certificate. For more information on Mozilla PKIX, please see their blog posting on the subject.