Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

app-v profiles security certificate issue

  • 3 回覆
  • 1 有這個問題
  • 15 次檢視
  • 最近回覆由 scoop180

more options

Hello,

I am sequencing Firefox for our App-V environment and I am having problems with our security certificates. During the sequencing process the certificates are imported and they work fine. However when the virtual package is streamed to a users machine and they try to browse to a secure website our security certificates are not available and the website doesn't load up. If the user manually imports the certificates then it does work. Only further investigation I see that for each profile on my test PC the certificates need to be imported and then the cert8.db file is created under their appdata\roaming\mozilla\firefox\profiles\xxx.default directory. I need to certificates to be available when each user launches Firefox. Is it possible to import our certificates into the global Firefox security certificate location? Where are they stored? Even if we didn't use application virtualisation and deployed FF through SCCM we would still get the same issue. I have read the articles on preparing FF for an enterprise environment but they make no mention of security certificates. Any help or suggestions on how to resolve this issue would be greatly appreciated.

Thanks Stephen

Hello, I am sequencing Firefox for our App-V environment and I am having problems with our security certificates. During the sequencing process the certificates are imported and they work fine. However when the virtual package is streamed to a users machine and they try to browse to a secure website our security certificates are not available and the website doesn't load up. If the user manually imports the certificates then it does work. Only further investigation I see that for each profile on my test PC the certificates need to be imported and then the cert8.db file is created under their appdata\roaming\mozilla\firefox\profiles\xxx.default directory. I need to certificates to be available when each user launches Firefox. Is it possible to import our certificates into the global Firefox security certificate location? Where are they stored? Even if we didn't use application virtualisation and deployed FF through SCCM we would still get the same issue. I have read the articles on preparing FF for an enterprise environment but they make no mention of security certificates. Any help or suggestions on how to resolve this issue would be greatly appreciated. Thanks Stephen

所有回覆 (3)

more options

They are all stored in cert8.db. How to do this globally I have to do some research. This is what I found:

I will ask the security team.

more options

See also: CCK2 | Mike's Musings: https://mike.kaply.com/cck2/

more options

Thanks for replying to my post. I have been able to configure Firefox through the cfg file as I see fit for the virtual environment. This in one of the links is what I am getting at....

If certificate database in cert8.db is deleted, it is regenerated on next Firefox start. This strongly suggests that there is a system-wide default storage of CA certs. Firefox's source code shows that built-in CA certs are in fact hard-coded into firefox executable.

Is it possible to add to this system wide default storage location?

Thanks again,