My situation is the following: in our corporate network a special kind of SSL certificate issued by the company itself is used. Every time I open a site via https in Firefox a warning monit is displayed saying "sec_error_unknown_issuer". In certificate details it says that this particular certificate was issued by my company, there is a company address and name and everything. It's very annoying because I need to add an exception for the invalid certificate every single time I go to an SSL encrypted site. One possible solution would be to give up SSL and use plain http when possible (there is no difference between SSL and no-SSL at the moment if the network admins handle the certificates themselves I guess) but some sites do not work without SSL, such as bank login pages. So I think the better idea would be to add the certificate to Firefox list of trusted authorities. To do this, I need to have an authority certificate. I tried to get it with the following Openssl command but to no avail:
openssl s_client -connect hostname:port
It shows one certificate but and then it stops because some certificates could not be verified and the certificate is incorrect because Firefox display an error when I try to import it. I don't remember the exact message now but it was something like "this certificate is not valid authority certificate".
I also tried to use Wireshark but can't use too good and I failed to grab what I was looking for. And as the last resort, it's impossible to disable SSL certificates validation in Firefox.
So how can I grab this local authority certificate that I could import to Firefox and stop being annoyed by the error messages?