Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Why can't I add certificates to the default firefox profile?

  • 1 reply
  • 3 have this problem
  • 76 views
  • Last reply by fetju

fetju
fetju
more options

I am using the NSS certutil to add a certificate to users profiles on OS X (10.8-10) running Firefox ESR 31.4.

There is no problem adding the cert to existing users profiles, however I want to add it so that new users who log in will automatically have the cert installed.

As I understand it, I should be able to install the cert to a default profile in the application that will then go out to new users when they run FF for the first time, however this has not been the case in my testing. I have been running the cert util, as root, on the directory '/Applications/Firefox.app/Contents/MacOS/browser/defaults/profile'. The command ('/opt/local/bin/nss-certutil -A -i mycert.cer -n "My Cert" -t "C,," -d "/Applications/Firefox.app/Contents/MacOS/defaults/profile"') runs without error and places three files in there: cert8.db, key3.db, secmod.db

When i log in as a new user on the system however, they do not have the cert. What am I missing?

I am using the NSS certutil to add a certificate to users profiles on OS X (10.8-10) running Firefox ESR 31.4. There is no problem adding the cert to existing users profiles, however I want to add it so that new users who log in will automatically have the cert installed. As I understand it, I should be able to install the cert to a default profile in the application that will then go out to new users when they run FF for the first time, however this has not been the case in my testing. I have been running the cert util, as root, on the directory '/Applications/Firefox.app/Contents/MacOS/browser/defaults/profile'. The command ('/opt/local/bin/nss-certutil -A -i mycert.cer -n "My Cert" -t "C,," -d "/Applications/Firefox.app/Contents/MacOS/defaults/profile"') runs without error and places three files in there: cert8.db, key3.db, secmod.db When i log in as a new user on the system however, they do not have the cert. What am I missing?

Chosen solution

Turns out it was a permissions issue, the files created by the certutil in the defaults folder got root only permissions given to them. I opened them up and it's working fine.

Read this answer in context 👍 0

All Replies (1)

fetju
fetju Question owner
more options

Chosen Solution

Turns out it was a permissions issue, the files created by the certutil in the defaults folder got root only permissions given to them. I opened them up and it's working fine.