The default Firefox comes with certificates from well-known commercial CAs. My ISP is also CA and Firefox cannot verified it because the CA is not recognized. How do I force Firefox to accept my ISPs certificate?
Like many apps Firefox needs to have a certificate from the CA that signed the web server’s certificate. However, you can import a new CA certificate into Firefox version 3.5 using the following simple procedure:
Fire a Firefox browser (i.e. Launch Firefox)
Choose Preferences from the Edit menu.
Click the Advanced button.
Select the Encryption pane.
Fig.01: Firefox View Certificate
Click the View Certificates button.
Click the Authorities tab.
Click the Import button at the bottom of the screen.
Fig.02: Firefox Install / Import CA Certificate
Navigate to the CA certificate and import it.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- My 10 UNIX Command Line Mistakes
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
- Email FAQ to a friend
- Download PDF version
- Printable version
- Comment RSS feed
- Last Updated: 08/31/09
{ 2 comments… read them below or add one }
Cool now how do I do it for 1000 desktops?
Cheaper for me to buy a cert from a registered CA.
@John
I suppose it depends on the operating system. But if you have 1k Linux desktops it should be easy (hopefully you have an SSH key installed on each).
Put there IP addresses into a file and from a bash shell do something like this:
for compy in `cat file_with_addresses` ; do scp your_ca.crt root@$compy:/usr/share/ca-certificates/mozilla/ ; ssh root@$compy ‘ln -s /usr/share/ca-certificates/mozilla/your_ca.crt /etc/ssl/certs/your_ca.pem’ ; done
These paths are based on Ubuntu 9.04. If you are running some other distro, you’ll need to figure out the paths for yourself.