we have VDI environment where certificates are not reflecting in Firefox browser for all users.
When I type about:policies, I get "The Enterprise Policies service is inactive". I'm trying to validate my configuration against Firefox STIGs which require certain of th… (read more)
When I type about:policies, I get "The Enterprise Policies service is inactive". I'm trying to validate my configuration against Firefox STIGs which require certain of these policies to be set. So what does this message actually mean? Does it mean no policies are set? Are they set somewhere else? I have Windows Server 2016. Thank you.
I'm setting up addon installation through `policy.json`. Below is an example. I am wondering howto configure addons thus installed using the same file. Is it possible? If… (read more)
I'm setting up addon installation through `policy.json`. Below is an example. I am wondering howto configure addons thus installed using the same file. Is it possible? If yes: where to find addon-specific keys/options? As an example: when providing below `policy.json`, starting any fresh firefox profile/installation produces the dialog "Startpage.com - Private Search Engine would like to change your default search engine from Google to Startpage.com - English. Is that OK?", followed by yes/no buttons. I would like to be able to just make the addon do so forgoing the dialog.
Thanks for any pointers.
{
"policies": {
"ExtensionSettings": {
"*": {
"blocked_install_message": "Installation of extensions only allowed from 'policy.json'.",
"installation_mode": "blocked"
},
"{20fc2e06-e3e4-4b2b-812b-ab431220cada}": {
"installation_mode": "force_installed",
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/startpage-private-search/latest.xpi"
}
},
"ExtensionUpdate": true
}
}
Debian 12 Linux on Dell laptop. Current "updated version" Firefox ESR 128.4.0esr (64bit) I received an update notice for Firefox ESR this morning. After running the Upda… (read more)
Debian 12 Linux on Dell laptop. Current "updated version" Firefox ESR 128.4.0esr (64bit) I received an update notice for Firefox ESR this morning. After running the Update, I lost the status bar. How can I get it back?
I'm a newbie using Debian and Deb 12 ships with Firefox ESR and I've decided to stick with it instead of the regular release, 'cause it breaks some extensions I have. How… (read more)
I'm a newbie using Debian and Deb 12 ships with Firefox ESR and I've decided to stick with it instead of the regular release, 'cause it breaks some extensions I have. However, I want to upgrade to the latest ESR version, how do I do it? I tried going to (https://www.mozilla.org/en-US/firefox/all/#product-desktop-esr), but the file for linux 64 bit is a .tar.bz2 file, which I have no idea how to compile.
I am trying to reach an internal company website ([URL]), with a certificate chain rooted in a company certificate authority. This works fine in Chrome, and worked in Fir… (read more)
I am trying to reach an internal company website ([URL]), with a certificate chain rooted in a company certificate authority. This works fine in Chrome, and worked in Firefox on my previous computer. But i recently got a new machine, and something somewhere is not quite right. I get an error message looking like this (between the ~~~s):
~~~ Someone could be trying to impersonate the site and you should not continue.
Web sites prove their identity via certificates. Firefox does not trust [URL] because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates.
Error code: SEC_ERROR_UNKNOWN_ISSUER
View Certificate ~~~
If i click on the error code, i get these details:
~~~ [URL]
Peer's Certificate issuer is not recognised.
HTTP Strict Transport Security: false HTTP Public Key Pinning: false
Certificate chain:
[certificate]
[certificate]
[certificate]
~~~
If i click 'View Certificate', i get a chain of three certificates:
If i go to Settings > Privacy & Security > View Certificates > Authorities, i can find both the [certificate] certificates. As far as i can tell, they are identical - i can open the certificate from 'View Certificate' and the corresponding one from the certificate manager and flip between tabs, and all the details are the same.
I am using Firefox 120.0, via a flatpak, on Ubuntu 22. I have given the flatpak access to /etc/ssl/certs, where my company's internal CA certificates are located.
To me, this seems like it should all work. The server has a certificate signed by an internal CA, which is signed by another internal CA, and both those internal CA certificates are in my certificate manager. So what is going wrong? Is there any way i can debug this?
My company has been using the same customized autoconfig.js without issue since last year's FF 115 esr release on our Ubuntu servers. cat /opt/firefox-115.13.0esr/defau… (read more)
My company has been using the same customized autoconfig.js without issue since last year's FF 115 esr release on our Ubuntu servers.
cat /opt/firefox-115.13.0esr/defaults/pref/autoconfig.js pref("browser.tabs.inTitlebar", 0); pref("general.config.filename", "firefox.cfg"); pref("general.config.obscure_value", 0); pref("general.config.sandbox_enabled", false); pref("pdfjs.annotationEditorMode", 1);
Now we are testing the 128 esr next releases with the same config and getting the failed to read the configuration file. please contact your system administrator error
cat /opt/firefox-128.1.0esr/defaults/pref/autoconfig.js pref("browser.tabs.inTitlebar", 0); pref("general.config.filename", "firefox.cfg"); pref("general.config.obscure_value", 0); pref("general.config.sandbox_enabled", false); pref("pdfjs.annotationEditorMode", 1);
If remove pref("general.config.obscure_value", 0); or set it to 1, the error goes away, but our actual firefox.cfg does not get read and are configs are not present at all.
Hello, I am using firefox 126.0 on linux mint 21.2 with an policy file in the directory "/usr/lib/firefox/distribution/policies.json". This is just working fine with one… (read more)
Hello,
I am using firefox 126.0 on linux mint 21.2 with an policy file in the directory "/usr/lib/firefox/distribution/policies.json". This is just working fine with one little problem. When opening firefox the first time, it does not apply the policy to set the startpage to the url in the policy file. All other policies seem to be applied correctly. I figured out, that at the first start of firefox, no user profile (folder) "~/.mozilla/" exists. When i click the little "house" button on the the top besides the refresh buton, the correct startpage is shown. After the first start this folder is created and then the policies work fine even the startpage shows up directly. Can I somehow use a template profiles-folder for new users, so they have the correct firefox feeling at the first start or is there something missing in my policy file ? The policy file has rights set to "644 root:root" Image of the policy file is attached because I can't upload files other then images.
Thank you.
Hi there, I'm playing with policies.json on Linux/Ubuntu now, trying to improve my knowledge of Firefox customization through different policies and user interaction aft… (read more)
Hi there,
I'm playing with policies.json on Linux/Ubuntu now, trying to improve my knowledge of Firefox customization through different policies and user interaction after the Firefox deployment. I added a custom bookmark and extension, which show and install okay when I restart the browser. But when I delete them from within the browser and restart Firefox, they show up again. To avoid this, I can delete /etc/firefox/policies/policies.json after the Firefox deployment. Hence my questions:
Thank you! Rustam