We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

חיפוש בתמיכה

יש להימנע מהונאות תמיכה. לעולם לא נבקש ממך להתקשר או לשלוח הודעת טקסט למספר טלפון או לשתף מידע אישי. נא לדווח על כל פעילות חשודה באמצעות באפשרות ״דיווח על שימוש לרעה״.

מידע נוסף

Firefox ESR 52.1.0 security.enterprise_roots.enabled not functional

  • 3 תגובות
  • 1 has this problem
  • 3 views
  • תגובה אחרונה מאת cor-el

more options

https://wiki.mozilla.org/CA:AddRootToFirefox Enabling security.enterprise_roots.enabled on ESR 52.1.0 does not work. Has anyone been successful with this feature.

corporate portal prompts for password. Certificates placed in the windows store, are not picked up by Firefox. I used the CCK2 plug in to create the config and js files. So my deployment works and the security.enterprise_roots.enabled is locked to true.

https://wiki.mozilla.org/CA:AddRootToFirefox Enabling security.enterprise_roots.enabled on ESR 52.1.0 does not work. Has anyone been successful with this feature. corporate portal prompts for password. Certificates placed in the windows store, are not picked up by Firefox. I used the CCK2 plug in to create the config and js files. So my deployment works and the security.enterprise_roots.enabled is locked to true.

כל התגובות (3)

more options

Is the problem a full page secure connection error or is the problem that the "corporate portal prompts for password"?

These are the support articles on the two main styles of full page secure connection errors:

If you get either of those, could you copy/paste the details of the message (including any information revealed by an Advanced button)?

more options

The sign on prompts are not related to the the security.enterprise_roots.enabled issue.

Still t/s the security.enterprise_roots.enabled problem of not reading the Windows cert store... Will post more info in a bit.

more options

See: https://dxr.mozilla.org/mozilla-esr52/source/security/manager/ssl/nsNSSComponent.cpp

// Loads the enterprise roots at the registry location corresponding to the
// given location flag.
// Supported flags are:
//   CERT_SYSTEM_STORE_LOCAL_MACHINE
//     (for HKLM\SOFTWARE\Microsoft\SystemCertificates)
//   CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY
//     (for HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates)
//   CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE
//     (for HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates)

Test code: https://dxr.mozilla.org/mozilla-esr52/source/security/manager/ssl/tests/unit/test_enterprise_roots.js