Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Feature Request: Set security.enterprise_roots.enabled to TRUE on default

  • 1 پاسخ
  • 1 has this problem
  • 21 views
  • آخرین پاسخ توسّط Wesley Branton

more options

A lot of troubles with firefox installations at customer sites is because security.enterprise_roots.enabled is set to false by default. So where you think certificates are handled in company networks -> yes via group policies. So every vendors or internal certificates are handled there, and and all common browsers (chrome and IE, edge) got the certificate trust information from there. Except firefox. Its complicated to ensure security.enterprise_roots.enabled is set via scripts or deyployment settings. At least all others is "just install" How the user customizes his own browser is not my job as admin, but get it working to especially internal https secures sites is mine. I think others also may want this option set as default to true.

A lot of troubles with firefox installations at customer sites is because security.enterprise_roots.enabled is set to false by default. So where you think certificates are handled in company networks -> yes via group policies. So every vendors or internal certificates are handled there, and and all common browsers (chrome and IE, edge) got the certificate trust information from there. Except firefox. Its complicated to ensure security.enterprise_roots.enabled is set via scripts or deyployment settings. At least all others is "just install" How the user customizes his own browser is not my job as admin, but get it working to especially internal https secures sites is mine. I think others also may want this option set as default to true.

All Replies (1)

more options

It's not too difficult to change the default and lock this preference using the AutoConfig file.

We don't really handle feature requests on this forum. This is more of a technical support area. Your best bet would be to file a bug report and label it as an enhancement. You can also send your feedback to the developers and they will take a look.

Requests, such as changing the default of a preference, are not usually approved, but I'm sure that the developers can explain in greater detail why that preference is set to false by default.

Hope this helps.