Firefox Prompts for Credentials in Transparent SGOS Deployments Using SSL Interception


Article ID: 169144


Updated On:


Asset Management Solution Data Center Security Monitoring Edition ProxySG Software - SGOS


Before applying the fix provided in this article, refer to:
  • KB article 000027763 to configure transparent authentication while doing SSL Interception with a Microsoft PKI
  • KB article 000011330 if you are using a self-signed certificate

This article was written using the following software for testing:

  • SGOS and
  • Windows 2008 Enterprise Server SP2 PKI.
  • Mozilla Firefox
Mozilla Firefox prompts for authentication credentials, this message displays the virtual URL used for authentication.


If we follow the steps provided in the articles mentioned previously, we will be configuring the hostname of the ProxySG as the virtual URL used for authentication. By default, Firefox does not allow automatic NTLM authentication to sites that are not FQDN, meaning that when we are redirected to this virtual URL, it will ask for credentials before it can successfully authenticate the user, as the browser will not recognize the name as an FQDN.


Change the default behavior of automatic authentication for non-fqdn sites.
  1. In Mozilla Firefox, enter about:config in the Address bar.
  2. In the configuration screen, enter NTLM in the Search bar.
  3. Right click on network.automatic-ntlm-auth.allow-non-fqdn
  4. Click Modify
Note: There is no need for a browser restart.