We have the cert deploy via GPO to Trusted Root Certificate Authorities anyway and our Firefox ADMX setting to utilize the windows certificate store is enabled, so either way it should be trused via that method (much like Firefox 52, IE 11, and Edge on Windwork.Ĭyphersteam, I would test a manual install in quantum to see what if an error says it is already installed or if it offers for you to checkbox a trust. Not to say we aren't pushing the software vendor on this either, but there is no real timeline on them to change.Īnd to piratenc07, yes I specified UNC paths in the ADMX templates and the cert actually appears in Firefox, so I think its loaded.
There is something unique about how the newer versions of firefox do not trust self signed certs that have no authorities or intermediate authorities above them. I can find the cert_overrides.txt file in the randomized firefox profile folder, but how to push this out to every computer / user in the company does not seem to be possible with the current version of the ADMX templates. I do not know how to automate certificate exceptions across 100 active directory users though. What does work for me is adding this certificate as an exception. Without getting both companies involved and 100% in sync, they currently do not have a mechanism, at least for this application for end users IT departments (like myself) to customize. It is just a self signed certificate from a web application that the vendor says we cannot change because its embedded in a keystore file in another backend system. It also works fine in Internet Explorer and Edge, but not Chrome. It works installed manually or automatically on my test firefox 52. Though I'm doubtful because there isnt an ip address atribute of 127.0.0.1 in the SAN field of this cert generated by our vendors application. I would like to suppress the certificate warning for, and I can get the certificate for this service and I wonder if I install it if it would work. then do I just enable this policy and in the list type in localhost.cer? What format does the certificate have to be in? What if the certificate requires a password? How do I verify it worked, besides running RSOP.msc and seeing the GPO applied? If I can get a file there, lets say its localhost.cer. How does this feature work?ĭo I use a login script to get certificate files copied to a new folder called Certificates that I would create under %USERPROFILE%\AppData\Roaming\Mozilla\ for example? I have a show button that allows you to create a list of text. It will look in %USERPROFILE%\AppData\Local\Mozilla\Certificates and %USERPROFILE%\AppData\Roaming\Mozilla\Certificates.
If this policy is enabled, Firefox will install the listed certificates into Firefox.
admx file contains a new feature called Install Certificates.
0 kommentar(er)
