Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

app-v profiles security certificate issue

  • 3 replies
  • 1 has this problem
  • 15 views
  • Last reply by scoop180

more options

Hello,

I am sequencing Firefox for our App-V environment and I am having problems with our security certificates. During the sequencing process the certificates are imported and they work fine. However when the virtual package is streamed to a users machine and they try to browse to a secure website our security certificates are not available and the website doesn't load up. If the user manually imports the certificates then it does work. Only further investigation I see that for each profile on my test PC the certificates need to be imported and then the cert8.db file is created under their appdata\roaming\mozilla\firefox\profiles\xxx.default directory. I need to certificates to be available when each user launches Firefox. Is it possible to import our certificates into the global Firefox security certificate location? Where are they stored? Even if we didn't use application virtualisation and deployed FF through SCCM we would still get the same issue. I have read the articles on preparing FF for an enterprise environment but they make no mention of security certificates. Any help or suggestions on how to resolve this issue would be greatly appreciated.

Thanks Stephen

Hello, I am sequencing Firefox for our App-V environment and I am having problems with our security certificates. During the sequencing process the certificates are imported and they work fine. However when the virtual package is streamed to a users machine and they try to browse to a secure website our security certificates are not available and the website doesn't load up. If the user manually imports the certificates then it does work. Only further investigation I see that for each profile on my test PC the certificates need to be imported and then the cert8.db file is created under their appdata\roaming\mozilla\firefox\profiles\xxx.default directory. I need to certificates to be available when each user launches Firefox. Is it possible to import our certificates into the global Firefox security certificate location? Where are they stored? Even if we didn't use application virtualisation and deployed FF through SCCM we would still get the same issue. I have read the articles on preparing FF for an enterprise environment but they make no mention of security certificates. Any help or suggestions on how to resolve this issue would be greatly appreciated. Thanks Stephen

All Replies (3)

more options

They are all stored in cert8.db. How to do this globally I have to do some research. This is what I found:

I will ask the security team.

more options

See also: CCK2 | Mike's Musings: https://mike.kaply.com/cck2/

more options

Thanks for replying to my post. I have been able to configure Firefox through the cfg file as I see fit for the virtual environment. This in one of the links is what I am getting at....

If certificate database in cert8.db is deleted, it is regenerated on next Firefox start. This strongly suggests that there is a system-wide default storage of CA certs. Firefox's source code shows that built-in CA certs are in fact hard-coded into firefox executable.

Is it possible to add to this system wide default storage location?

Thanks again,