Hi. I have several internal sites, each signed with their own internal CA/subCA. These CAs are all ''' named the same''', but have '''different ''' crypto materials. If I import just 1 CA into FF (directly or in Windows store with security.enterprise_roots.enabled ), the site with that CA works fine (browser warning is not presented), but ALL those other internal sites give this error: ''An error occurred during a connection to 10.1.1.1. Peer’s certificate has an invalid signature. Error code: SEC_ERROR_BAD_SIGNATURE'' with no option to add a security exception. If I add the CA for another site, that one works as well, the others won't. If I remove all the internal CAs, all the sites start working again (with browser warning, ofc.). I tried in Chrome and Edge and I get the option to create a security exception for the sites for which I did not install their CA, which looks like the ideal/preferrable option to me. Is this as intended (and why?) or can it be fixed? This looks somewhat similar to this: [https://support.mozilla.org/questions/1170738 https://support.mozilla.org/questions/1170738] Thank you. Davide.