Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

MacOS Catalina - setting security.enterprise_roots.enabled to true - Doesn't work as expected

  • 1 antwoord
  • 1 het hierdie probleem
  • 17 views
  • Laaste antwoord deur Mike Kaply

Firefoxer
Firefoxer
more options

When a user, on a MacOS Catalina, sets the security.enterprise_roots.enabled to true in Firefox, the certificates are not read from MacOS keychain store.

The method used to set the parameter to true:

Use Firefox on MacOS Catalina, type 'about:config' in the address bar. If prompted, accept any warnings. Right-click to create a new boolean value, and enter 'security.enterprise_roots.enabled' as the Name Set the value to 'true'

What is your recommendation to bypass this problem without manually importing the certificates in the FF certificates authorities ? The goal is to read the certificates from the system store. This parameter works perfectly on MacOS Mojave & Windows.

When a user, on a MacOS Catalina, sets the security.enterprise_roots.enabled to true in Firefox, the certificates are not read from MacOS keychain store. The method used to set the parameter to true: Use Firefox on MacOS Catalina, type 'about:config' in the address bar. If prompted, accept any warnings. Right-click to create a new boolean value, and enter 'security.enterprise_roots.enabled' as the Name Set the value to 'true' What is your recommendation to bypass this problem without manually importing the certificates in the FF certificates authorities ? The goal is to read the certificates from the system store. This parameter works perfectly on MacOS Mojave & Windows.

All Replies (1)

Mike Kaply
Mike Kaply
  • Top 25 Contributor
  • Moderator
more options

We've tested this and have not encountered this problem.

Could you open a bug in bugzilla and we can work with the certificate team to diagnose the problem?