Comments on: Firefox: Add a Trusted CA http://www.cyberciti.biz/faq/firefox-adding-trusted-ca/ Every answer asks a more beautiful question. Fri, 10 Feb 2012 19:55:56 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Viktorhttp://www.cyberciti.biz/faq/firefox-adding-trusted-ca/#comment-66361 Viktor Wed, 04 Jan 2012 15:55:44 +0000 http://www.cyberciti.biz/faq/?p=5147#comment-66361 This is not a difference between different versions of Firefox but between Firefox for Windows and for Linux (at least Ubuntu). Not sure why this difference exists but it is pretty old. This is not a difference between different versions of Firefox but between Firefox for Windows and for Linux (at least Ubuntu). Not sure why this difference exists but it is pretty old.

]]> By: Viktorhttp://www.cyberciti.biz/faq/firefox-adding-trusted-ca/#comment-66360 Viktor Wed, 04 Jan 2012 15:53:49 +0000 http://www.cyberciti.biz/faq/?p=5147#comment-66360 This does not seem to work under Ubuntu 11.04. I do not have many computers (3), but there some dozens of users and I copied my CA-certificate to /usr/share/ca-certificates/mozilla/my.crt and even ran 'dpkg-reconfigure ca-certificates' selecting this certificate and 'update-ca-certificates', but it seems firefox does not use this database. The certificate does not appear in the certificate list of firefox (for some random user). This does not seem to work under Ubuntu 11.04. I do not have many computers (3), but there some dozens of users and I copied my CA-certificate to /usr/share/ca-certificates/mozilla/my.crt and even ran ‘dpkg-reconfigure ca-certificates’ selecting this certificate and ‘update-ca-certificates’, but it seems firefox does not use this database. The certificate does not appear in the certificate list of firefox (for some random user).

]]> By: rduke15http://www.cyberciti.biz/faq/firefox-adding-trusted-ca/#comment-61095 rduke15 Thu, 28 Jul 2011 13:40:00 +0000 http://www.cyberciti.biz/faq/?p=5147#comment-61095 @john, your 1000 desktops are probably Windows rather than Linux. But if your user profiles are on a Samba server, it can be quite easy to script. See here: <a href="http://bahut.alma.ch/2011/07/importing-root-certificates-into.html" rel="nofollow">Link #1</a>. If you have to do it on Windows and can compile the nss tools or find some binary, you could do something similar in Windows. See here for example: <a href="http://www.appdeploy.com/messageboards/printable.asp?m=52532" rel="nofollow">Link #2</a> @john, your 1000 desktops are probably Windows rather than Linux. But if your user profiles are on a Samba server, it can be quite easy to script. See here: Link #1.

If you have to do it on Windows and can compile the nss tools or find some binary, you could do something similar in Windows. See here for example: Link #2

]]> By: kacehttp://www.cyberciti.biz/faq/firefox-adding-trusted-ca/#comment-55344 kace Thu, 03 Feb 2011 21:21:50 +0000 http://www.cyberciti.biz/faq/?p=5147#comment-55344 UPDATE: For me, anyway, it's now found under "Tools > Options > ..." vice "Edit > Preferences > ..." The "... Advanced > Encryption > ..." and so on is the same. I've got version Firefox 3.6.13. UPDATE: For me, anyway, it’s now found under “Tools > Options > …” vice “Edit > Preferences > …” The “… Advanced > Encryption > …” and so on is the same. I’ve got version Firefox 3.6.13.

]]> By: Patrickhttp://www.cyberciti.biz/faq/firefox-adding-trusted-ca/#comment-43720 Patrick Wed, 16 Sep 2009 22:36:54 +0000 http://www.cyberciti.biz/faq/?p=5147#comment-43720 @John I suppose it depends on the operating system. But if you have 1k Linux desktops it should be easy (hopefully you have an SSH key installed on each). Put there IP addresses into a file and from a bash shell do something like this: for compy in `cat file_with_addresses` ; do scp your_ca.crt root@$compy:/usr/share/ca-certificates/mozilla/ ; ssh root@$compy 'ln -s /usr/share/ca-certificates/mozilla/your_ca.crt /etc/ssl/certs/your_ca.pem' ; done These paths are based on Ubuntu 9.04. If you are running some other distro, you'll need to figure out the paths for yourself. @John

I suppose it depends on the operating system. But if you have 1k Linux desktops it should be easy (hopefully you have an SSH key installed on each).

Put there IP addresses into a file and from a bash shell do something like this:

for compy in `cat file_with_addresses` ; do scp your_ca.crt root@$compy:/usr/share/ca-certificates/mozilla/ ; ssh root@$compy ‘ln -s /usr/share/ca-certificates/mozilla/your_ca.crt /etc/ssl/certs/your_ca.pem’ ; done

These paths are based on Ubuntu 9.04. If you are running some other distro, you’ll need to figure out the paths for yourself.

]]> By: Johnhttp://www.cyberciti.biz/faq/firefox-adding-trusted-ca/#comment-43528 John Wed, 02 Sep 2009 01:46:02 +0000 http://www.cyberciti.biz/faq/?p=5147#comment-43528 Cool now how do I do it for 1000 desktops? Cheaper for me to buy a cert from a registered CA. Cool now how do I do it for 1000 desktops?
Cheaper for me to buy a cert from a registered CA.

]]>