Firefox ESR 52.1.0 security.enterprise_roots.enabled not functional
https://wiki.mozilla.org/CA:AddRootToFirefox Enabling security.enterprise_roots.enabled on ESR 52.1.0 does not work. Has anyone been successful with this feature.
corporate portal prompts for password. Certificates placed in the windows store, are not picked up by Firefox. I used the CCK2 plug in to create the config and js files. So my deployment works and the security.enterprise_roots.enabled is locked to true.
所有回复 (3)
Is the problem a full page secure connection error or is the problem that the "corporate portal prompts for password"?
These are the support articles on the two main styles of full page secure connection errors:
- Secure connection failed and Firefox did not connect
- "This Connection is Untrusted" error message appears - What to do
If you get either of those, could you copy/paste the details of the message (including any information revealed by an Advanced button)?
The sign on prompts are not related to the the security.enterprise_roots.enabled issue.
Still t/s the security.enterprise_roots.enabled problem of not reading the Windows cert store... Will post more info in a bit.
See: https://dxr.mozilla.org/mozilla-esr52/source/security/manager/ssl/nsNSSComponent.cpp
// Loads the enterprise roots at the registry location corresponding to the // given location flag. // Supported flags are: // CERT_SYSTEM_STORE_LOCAL_MACHINE // (for HKLM\SOFTWARE\Microsoft\SystemCertificates) // CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY // (for HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates) // CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE // (for HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates)