We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Trusted certificates on multi-user Linus system

  • 1 reply
  • 1 has this problem
  • 11 views
  • Last reply by Matt

more options

Hi, We have a Linux system with multiple user accounts, and Thunderbird as email client for all users.

The users have a shared email address for secure email, using S/MIME encryption. When a user receives a signature from someone, this user grants a trust relation, and can start sending encrypted emails. Is there an easy way to set the received signature as a trusted certificate globally for all users on the system ? I hope we don't need to log in for every user, and add every new certificate we receive as trusted for every user account ?

Hi, We have a Linux system with multiple user accounts, and Thunderbird as email client for all users. The users have a shared email address for secure email, using S/MIME encryption. When a user receives a signature from someone, this user grants a trust relation, and can start sending encrypted emails. Is there an easy way to set the received signature as a trusted certificate globally for all users on the system ? I hope we don't need to log in for every user, and add every new certificate we receive as trusted for every user account ?

All Replies (1)

more options

As each user should have their own profile, then their certificates will not be shared.

looking over the situation there is support for using the OS store in OSX and Windows but the suggestion of linux is ans I quote. "On Linux, certificates can be programmatically imported by using p11-kit-trust. So from p11-kit (add the module using the “Security Devices” manager in Preferences or using the modutil utility).

For modutil descriptions see https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_tools_:_modutil