This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to copy certificates and security devices to new profiles?

  • 3 replies
  • 1 has this problem
  • 3 views
  • Last reply by cor-el

more options

Using IE, I can import certificates and set up a security device once. Then when a new user logs onto that computer, their profile already has those certificates and security device set up. I want to do this in Firefox.

Right now, what I'm doing is copying the cert9.db and pkcs.txt files to a central location. Then, when a new user logs in, and they get a new Firefox profile, I copy those files to the new profile, overwriting what's already there. This is working, but it's still too much for non-computer users, and I can't always be there to do it.

I'd like to be able to set it up on the computer, in like an admin mode or something, and then users can come and go as they please, and I never have to worry about it again.

Using IE, I can import certificates and set up a security device once. Then when a new user logs onto that computer, their profile already has those certificates and security device set up. I want to do this in Firefox. Right now, what I'm doing is copying the cert9.db and pkcs.txt files to a central location. Then, when a new user logs in, and they get a new Firefox profile, I copy those files to the new profile, overwriting what's already there. This is working, but it's still too much for non-computer users, and I can't always be there to do it. I'd like to be able to set it up on the computer, in like an admin mode or something, and then users can come and go as they please, and I never have to worry about it again.

All Replies (3)

more options

You should be cautious with copying pkcs11.txt because this file contains an absolute path the the profile folder that is past to the software security device that uses TCP ports to communicate. You can check that yourself by inspecting the file. To do this properly you probably should edit the existing pkcs11.txt and add the part that specifies this security device. Cert9.db should be safe to copy and that file only stores cached intermediate certificate and other installed certificates.

more options

Trust me, I'd rather not be copying all of these files everywhere. I'd like a process that was behind the scenes, the way that it is in IE.

more options