Using certutil, the certificate is not always installed when firefox is open.
We are using certutil to install a self signed certificate. When firefox is closed and the command is executed, the certificate is getting installed without problems but when firefox is opened, not always the certificate is installed. Steps: - Check cert with certutil, cert is not there (expected). - Open firefox - Install certificate with certutil. - Check certificate with certutil, certificate is there. - From firefox, view certificates, new certificate is not there. - Check again certificate with certutil, certificate is not there.
Seems that when firefox is opened, the certificate list/db is returned to his previous state.
Wot RogelioGutierrez
Wšě wotmołwy (4)
hi RogelioGutierrez, i'm not sure about certutil, but maybe you could try one of the other methods to import your cert: https://mike.kaply.com/2015/02/10/installing-certificates-into-firefox/
It is likely that Firefox loads the content on the cert8.db in memory on startup and keeps this data in memory. If you close Firefox then this data is once again saved to the cert8.db file. So if this is the case then you can't update the cert8.db file while Firefox is running.
cor-el dijo
It is likely that Firefox loads the content on the cert8.db in memory on startup and keeps this data in memory. If you close Firefox then this data is once again saved to the cert8.db file. So if this is the case then you can't update the cert8.db file while Firefox is running.
Thanks for your response.
Seems that this is what is happening, we need to find a way to install the certificate when Firefox is closed.
cor-el dijo
It is likely that Firefox loads the content on the cert8.db in memory on startup and keeps this data in memory. If you close Firefox then this data is once again saved to the cert8.db file. So if this is the case then you can't update the cert8.db file while Firefox is running.
Thanks for your response.
These options that you mention looks good!.
From current functionality and design we need to use certutil. We will consider the options that you mention for next releases in order to avoid this behavior.