I've generated a rootCA.pem and a bank.crt which is signed by the rootCA.pem and everything goes well. I used a combination of openssl and keytool to do that.
When I open FireFox and run the web-application on https, it displayes for me the usual warning msg that a certificate is there, and I press OK. Then I go to check the Certificates under preferences under Edit in FireFox, and I find that the bank.crt is under the server tab and my rootCA.pem isn't in the CA. It is not there. I imported it earlier into cacerts that is under the jre while I'm creating the rootCA.pem and the bank.
My question is: Should the rootCA.pem be under the Authoroties tab or it is enough to have the bank.crt under the server tab?
If yes it should be there, Importing the rootCA.pem won't work. My rootCA.pem is actually a .pem instead of a .crt and
importing it into the FireFox don't help! I can't find it b/w the CAs!