发表新帖
发表新帖

Programmatically Install Certificate into Mozilla

后端 未结
关注
8 2103
没有蜡笔的小新
没有蜡笔的小新 2020-11-28 20:28

Is there a way to programmatically install a certificate into mozilla? We\'re trying to script everything to eliminate deviations in environment so installing it by hand thr

相关标签:
8条回答
  • 南笙
    2020-11-28 21:08

    On Windows 7 with Firefox 10, the cert8.db file is stored at %userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\########.default\cert8.db. If you are an administrator, you can probably write a simple WMI application to copy the file to the User's respective folder.

    Also, a solution that worked for me from http://www.appdeploy.com/messageboards/tm.asp?m=52532&mpage=1&key=&#52532

    1. Copied CERTUTIL.EXE from the NSS zip file ( http://www.mozilla.org/projects/security/pki/nss/tools/ ) to C:\Temp\CertImport (I also placed the certificates I want to import there)

    2. Copied all the dll's from the NSS zip file to C\:Windows\System32

    3. Created a BAT file in %Appdata%\mozilla\firefox\profiles with this script... 

      Set FFProfdir=%Appdata%\mozilla\firefox\profiles 
Set CERTDIR=C:\Temp\CertImport 
DIR /A:D /B > "%Temp%\FFProfile.txt" 
FOR /F "tokens=*" %%i in (%Temp%\FFProfile.txt) do ( 
CD /d "%FFProfDir%\%%i" 
COPY cert8.db cert8.db.orig /y 
For %%x in ("%CertDir%\Cert1.crt") do "%Certdir%\certutil.exe" -A -n "Cert1" -i "%%x" -t "TCu,TCu,TCu" -d . 
For %%x in ("%CertDir%\Cert2.crt") do "%Certdir%\certutil.exe" -A -n "Cert2" -i "%%x" -t "TCu,TCu,TCu" -d . 
) 
DEL /f /q "%Temp%\FFProfile.txt"

    4. Executed the BAT file with good results.

    0 讨论(0)
  • 时光取名叫无心
    2020-11-28 21:12

    Here is an alternative way that doesn't override the existing certificates: [bash fragment for linux systems]

    certificateFile="MyCa.cert.pem"
certificateName="MyCA Name" 
for certDB in $(find  ~/.mozilla* ~/.thunderbird -name "cert8.db")
do
  certDir=$(dirname ${certDB});
  #log "mozilla certificate" "install '${certificateName}' in ${certDir}"
  certutil -A -n "${certificateName}" -t "TCu,Cuw,Tuw" -i ${certificateFile} -d ${certDir}
done

    You may find certutil in the libnss3-tools package (debian/ubuntu).

    Source:
    http://web.archive.org/web/20150622023251/http://www.computer42.org:80/xwiki-static/exported/DevNotes/xwiki.DevNotes.Firefox.html

    See also:
    https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil

    0 讨论(0)
 看不清?
提交回复
热议问题