Deploying Self Signed Certificate to Firefox

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Deploying Self Signed Certificate to Firefox

L1 Bithead

For those that have implemented SSL Decryption in your environment, I'd love to hear your experiences on how you deployed the certificate to Firefox users.  There seem to be different methods mentioned, but not certain how reliable they are.

 

Thanks!

3 REPLIES 3

L1 Bithead

BUMP

 

Can anyone share their experiences with this?

The easiest way I can think of with Firefox is building out a config file with CCK2 and then just pushing it out to everyone. The process really does depend on what your cert actually looks like though; if it's an old self-signed then Firefox likely doesn't support adding it anymore. 

L1 Bithead

For those who may be interested in this topic, here is how we ended up accomplishing this:

 

1. Create a new Firefox profile and import the self-signed certificate.

2. Export the file cert8.db from the Firefox profile folder

3. Deploy this file to all systems using a system management/deployment tool.  Here is the script to execute on the client machine to deploy the file:

 

for /F "tokens=*" %%P in ('dir /b /s c:\ ^|find "cert8.db" ^|find "Firefox"') do copy /Y .\cert8.db "%%P"

 

This will search for any instance of the file and replace it.

 

A couple of notes regarding this method:

 

1. All existing certificates that exist on the local client will be removed

2. New Firefox installs or new Firefox profiles will need to have the cert deployed to them

  • 2895 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!