Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

How can we force firefox to check its trusted certificate store on every request?

  • 2 отговора
  • 1 има този проблем
  • 2 изгледи
  • Последен отговор от thready

more options

We have an application on localhost that gets installed from our page. We happen to be running over HTTPS. We wrote code in our installed application to add the certificate to firefox's trusted store. The page that provides the installer for this app then autodetects that it's installed by making HTTPS requests to it. Only, it doesn't work in Firefox since Firefox needs to be restarted so that it reads its trusted store.

Is there any way for us to make firefox read its store again and not rely on a cached result?

Thanks! Mike

We have an application on localhost that gets installed from our page. We happen to be running over HTTPS. We wrote code in our installed application to add the certificate to firefox's trusted store. The page that provides the installer for this app then autodetects that it's installed by making HTTPS requests to it. Only, it doesn't work in Firefox since Firefox needs to be restarted so that it reads its trusted store. Is there any way for us to make firefox read its store again and not rely on a cached result? Thanks! Mike

Всички отговори (2)

more options

Hi, I asked on the #security channel about this and they said the work around for this is to add the certificate through the Firefox Certificate Menu in the Preferences/Options menu under Security.

However they are also interested in what makes it difficult for you to use a certificate from a CA that Firefox trusts by default? As this is something we are looking to improve on. I have asked them to follow this thread for your feedback.

Thank you and we are looking forward to your post!

Променено на от guigs

more options

Thanks for your response. We dropped this approach and went with a plugin instead. Basically we just need to communicate to localhost for the "richer thick client experience", but ran into the issue of mixing https as origin with http to localhost being blocked by the browser (personally I think mixing should be ok for localhost calls but I'm not a security expert).

Kind regards, Mike