Prikaz označenih pitanja: Prikaži sva pitanja
  • Riješeno
  • Arhivirano

I have installed firefox esr 60 and importing my certificates via certutil .exe but certificates are not getting installed

Trying to import few my certificates to firefox esr 60 via below command script but its not working :(. Set FFProfdir=%Appdata%\mozilla\firefox\profiles Set CERTDIR=%TE… (pročitajte više)

Trying to import few my certificates to firefox esr 60 via below command script but its not working :(.


Set FFProfdir=%Appdata%\mozilla\firefox\profiles Set CERTDIR=%TEMP%\CERTIMPORT DIR /A:D /B %FFProfdir% > "%TEMP%\FFProfile.txt"

FOR /F "tokens=*" %%i in (%TEMP%\FFProfile.txt) do (

CD /d "%FFProfDir%\%%i" COPY cert8.db cert8.db.orig /y For %%x in ("%CERTDIR%\CERTS\*.cer") do "%CERTDIR%\certutil.exe" -A -n "%%x" -i "%%x" -t "TCu,TCu,TCu" -d . For %%x in ("%CERTDIR%\CERTS\*.crt") do "%CERTDIR%\certutil.exe" -A -n "%%x" -i "%%x" -t "TCu,TCu,TCu" -d . ) DEL /f /q "%Temp%\FFProfile.txt

Asked by siddhika prije 2 godina

Answered by cor-el prije 1 godina

  • Arhivirano

I am trying to install a certificate in the users default folder

I am trying to put a certificate into the the users default appdata folder. We are trying to get this done for users that do not have admin privileges so they can use a c… (pročitajte više)

I am trying to put a certificate into the the users default appdata folder. We are trying to get this done for users that do not have admin privileges so they can use a cert without having to manually go through the process of using the Firefox cert manager.

Asked by kpinette prije 1 godina

Last reply by kpinette prije 1 godina

  • Arhivirano

Allow multiple Security Exceptions

Hello, In our environment, we roughly have 200~ subdomains that are all on a local network. Unfortunately, the certificates are self signed, so whenever a user visits X s… (pročitajte više)

Hello,

In our environment, we roughly have 200~ subdomains that are all on a local network. Unfortunately, the certificates are self signed, so whenever a user visits X subdomain for the first time they have to go through and manually permanently allow exception on that one subdomain. I was wondering if there is a way to gather a list of the 200~ subdomains, and automate or bulk add them to the exception list. I wasn't able to find much on Google, or maybe there is something I'm not searching properly. I was hoping if you could further point me to the right direction, I appreciate your time in reading this.

Asked by encryptedfaith prije 1 godina

Last reply by cor-el prije 1 godina

  • Arhivirano

As an admin can I add certificate exceptions to Firefox for all users?

As an admin in our organization I wanted to add two "Add Exception..." so end users do not have to get a certificate warning and click through to two places. One is a con… (pročitajte više)

As an admin in our organization I wanted to add two "Add Exception..." so end users do not have to get a certificate warning and click through to two places.

One is a connection to a systray service, the url is https://127.0.0.1:51763 and to test and validate this service for the web application, one must first click test in the app, then click Advanced and Add Exception on the "Your connection is not secure" page. The second is https://tablet.sigwebtablet.com:47290/SigWeb/ which has a Thawte certificate on it, but still requires clicking through.

This is for an in house financial operating system. The vendor did place our wildcard cert on the main page which works, its just these two service test URLs cause an issue, and since we do not own these certificates, we cannot re-sign them with a trusted Subject Alternative Name.

If I can do this with Firefox CCK or Group Policy, that would be fine. We do have Firefox trust our Windows Certificate store, so maybe there is something we can do already in Group Policy and Windows Certificates? I'm not sure because the cert at 127.0.0.1 is signed by corelation.local and there are NO SAN names on it, so even trying to use GPO's to import it to the Computers Trusted Root Certificates may not be enough.

Thanks.

Asked by kjstech prije 1 godina

Last reply by Mike Kaply prije 1 godina

  • Arhivirano

SEC_ERROR_UNKNOWN_ISSUER

We have upgraded to Firefox version 67 recently and the warning message SEC_ERROR_UNKNOWN_ISSUER was shown on every startup of our web application. In our environment, we… (pročitajte više)

We have upgraded to Firefox version 67 recently and the warning message SEC_ERROR_UNKNOWN_ISSUER was shown on every startup of our web application.

In our environment, we are using the root certificate generated by our enterprise.

Before upgrade, the warning message can be dismissed by applying the following policies in policies.json. But it does not work after upgrade. Anyone can help? Thanks. {

   "policies": {
       "Certificates": {
           "ImportEnterpriseRoots": true
       },
  }
 }

Asked by hdrton prije 1 godina

Last reply by cor-el prije 12 mjeseci