Проблемы доверия сертификатам безопасности в браузере Firefox
Чтобы AdGuard мог успешно фильтровать HTTPS-трафик в Firefox, браузер должен доверять сертификату AdGuard. Этого можно добиться по-разному в зависимости от версии Firefox.
Метод 1
Пока что этот метод работает только в Firefox Nightly версии 90.0a1. Как только бета- и обычная сборка Firefox достигнут версии 90, данный метод будет также применим к ним.
Чтобы Firefox Nightly доверял сертификату AdGuard, выполните следующие шаги:
Запустите браузер.
Перейдите в Настройки > О Firefox Nightly.
Несколько раз быстро нажмите на логотип Firefox Nightly в верху экрана.
Перейдите в раздел Настройки > Secret Settings.
Включите настройку Use third party CA certificates.
Метод 2
Этот метод будет работать только на устройствах с рут-доступом!
При использовании платформы Windows, владельцам Samsung может понадобиться установка данной утилиты.
В том случае, если вы получили системное уведомление permission denied, вам необходимо сначала перенести указанные файлы в свободную от разрешений директорию. А уже после перенести их в нужную папку в браузере Firefox.
Если adb shell su не срабатывает, изначально следует попробовать применить adb shell , а уже после su .
Источник
Скачать бесплатно Cert Manager — Firefox Addon для Android
Поиск по устройству
Мое устройство
Поиск по категориям
Базы данных
Бизнес & Профессия
Здоровье & Медицина
Игры
Интернет & Коммуникации
Мультимедиа & Графика
Наука & Образование
Программирование & Разработка
Словари & Переводчики
Темы & Обои & Скины
Туризм & Навигация
Управление задачами и временем
Утилиты
Финансы
Хобби & Развлечения
Чтение
Поиск по платформе
Android
Apple iPhone OS
iPad
iPhone
iPod Touch
BlackBerry
Java
Linux
Maemo Nokia Internet Tablet
MeeGO
Sharp Zaurus
Mobile Gaming
Nintendo DS
Playstation 3
Playstation Portable
Wii
Xbox 360
Palm OS
Symbian OS
Series 60
Series 80
Series 90
UIQ
Tablet PC
Windows CE.NET
Windows Mobile Pocket PC
Windows Mobile Smartphone
Платформы: Linux, Android, Maemo
Дата загрузки: 15 Фев 12
Тип распространения: бесплатная
Рейтинг: 3.2/5 (Всего голосов: 5)
Источник
Setting Up Certificate Authorities (CAs) in Firefox
If your organization uses private certificate authorities (CAs) to issue certificates for your internal servers, browsers such as Firefox might display errors unless you configure them to recognize these private certificates. This should be done early on so your users won’t have trouble accessing websites.
You can add these CA certificates using one of the following methods.
Using policies to import CA certificates (recommended)
Starting with Firefox version 64, an enterprise policy can be used to add CA certificates to Firefox.
Setting the ImportEnterpriseRoots key to true will cause Firefox to trust root certificates. We recommend this option to add trust for a private PKI to Firefox. It is equivalent to setting the «security.enterprise_roots.enabled» preference as described in the Built-in Windows and MacOS Support section below.
The Install key by default will search for certificates in the locations listed below. Starting in Firefox 65, you can specify a fully qualified path (see cert3.der and cert4.pem in this example ). If Firefox does not find something at your fully qualified path, it will search the default directories:
Setting the «security.enterprise_roots.enabled» preference to true in about:config will enable the Windows and MacOS enterprise root support.
Windows Enterprise Support
Starting with version 49, Firefox can be configured to automatically search for and import CAs that have been added to the Windows certificate store by a user or administrator.
Enter “about:config” in the address bar and continue to the list of preferences.
Set the preference «security.enterprise_roots.enabled» to true.
Restart Firefox.
Firefox will inspect the HKLM\SOFTWARE\Microsoft\SystemCertificates registry location (corresponding to the API flag CERT_SYSTEM_STORE_LOCAL_MACHINE) for CAs that are trusted to issue certificates for TLS web server authentication. Any such CAs will be imported and trusted by Firefox, although they may not appear in Firefox’s certificate manager. Administration of these CAs should occur using built-in Windows tools or other 3rd party utilities.
Firefox version 52: Firefox will also search the registry locations HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates and HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates (corresponding to the API flags CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY and CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, respectively).
MacOS Enterprise Support
Starting with Firefox 63, this feature also works for MacOS by importing roots found in the MacOS system keychain.
Linux
Certificates can be programmatically imported by using p11-kit-trust.so from p11-kit (add the module using the “Security Devices” manager in Preferences or using the modutil utility).
Preload the Certificate Databases (new profiles only)
Some people create a new profile in Firefox, manually install the certificates they need, and then distribute the various db files (cert9.db, key4.db and secmod.db) into new profiles using this method. This is not the recommended approach, and this method only works for new profiles.
Certutil
You can use certutil to update the Firefox certificate databases from the command line. Check the Microsoft support site for more information.
These fine people helped write this article:
Volunteer
Grow and share your expertise with others. Answer questions and improve our knowledge base.
Источник
Cert manager firefox android
Search Support
Home
Support Forums
Firefox for Android
How do I export a client certificate.
Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.
Learn More
How do I export a client certificate on Firefox for Android?
1 reply
11 have this problem
355 views
Last reply by guigs
Within the registration process on www.startssl.com a client certificate had been added to my Firefox for Android. Now I want to backup this client certificate but I have no idea how I could export it in the mobile version.
I also want to use this certificate on my Desktop Firefox, is this possible?
Thanks for any help!
Chosen solution
HI SumoAlex, Thank you for your question. I apologize for being a little late in the responses coming in. If we cannot find an answer, please post your question again.
I understand that you would like to know how to export the client certificate from the android and also use it on the Desktop.
IT may not work on the Desktop, but I do know that you can enable remote debugging in Firefox. The cert.db on the Desktop stores all of the certificates. (is this the same on the Android device? )
Try the Cert Manager add on for Firefox for Android. ref stackoverflow.com
Hope this helps.
All Replies (1)
Chosen Solution
HI SumoAlex, Thank you for your question. I apologize for being a little late in the responses coming in. If we cannot find an answer, please post your question again.
I understand that you would like to know how to export the client certificate from the android and also use it on the Desktop.
Источник
Setting Up Certificate Authorities (CAs) in Firefox
If your organization uses private certificate authorities (CAs) to issue certificates for your internal servers, browsers such as Firefox might display errors unless you configure them to recognize these private certificates. This should be done early on so your users won’t have trouble accessing websites.
You can add these CA certificates using one of the following methods.
Using policies to import CA certificates (recommended)
Starting with Firefox version 64, an enterprise policy can be used to add CA certificates to Firefox.
Setting the ImportEnterpriseRoots key to true will cause Firefox to trust root certificates. We recommend this option to add trust for a private PKI to Firefox. It is equivalent to setting the «security.enterprise_roots.enabled» preference as described in the Built-in Windows and MacOS Support section below.
The Install key by default will search for certificates in the locations listed below. Starting in Firefox 65, you can specify a fully qualified path (see cert3.der and cert4.pem in this example ). If Firefox does not find something at your fully qualified path, it will search the default directories:
Setting the «security.enterprise_roots.enabled» preference to true in about:config will enable the Windows and MacOS enterprise root support.
Windows Enterprise Support
Starting with version 49, Firefox can be configured to automatically search for and import CAs that have been added to the Windows certificate store by a user or administrator.
Enter “about:config” in the address bar and continue to the list of preferences.
Set the preference «security.enterprise_roots.enabled» to true.
Restart Firefox.
Firefox will inspect the HKLM\SOFTWARE\Microsoft\SystemCertificates registry location (corresponding to the API flag CERT_SYSTEM_STORE_LOCAL_MACHINE) for CAs that are trusted to issue certificates for TLS web server authentication. Any such CAs will be imported and trusted by Firefox, although they may not appear in Firefox’s certificate manager. Administration of these CAs should occur using built-in Windows tools or other 3rd party utilities.
Firefox version 52: Firefox will also search the registry locations HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates and HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\Root\Certificates (corresponding to the API flags CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY and CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE, respectively).
MacOS Enterprise Support
Starting with Firefox 63, this feature also works for MacOS by importing roots found in the MacOS system keychain.
Linux
Certificates can be programmatically imported by using p11-kit-trust.so from p11-kit (add the module using the “Security Devices” manager in Preferences or using the modutil utility).
Preload the Certificate Databases (new profiles only)
Some people create a new profile in Firefox, manually install the certificates they need, and then distribute the various db files (cert9.db, key4.db and secmod.db) into new profiles using this method. This is not the recommended approach, and this method only works for new profiles.
Certutil
You can use certutil to update the Firefox certificate databases from the command line. Check the Microsoft support site for more information.
These fine people helped write this article:
Volunteer
Grow and share your expertise with others. Answer questions and improve our knowledge base.
