thunderbird 68 use of json policy
json policy was added to TB68 https://www.thunderbird.net/en-US/thunderbird/68.0/releasenotes/
For company CA installation I have firefox policy: /usr/share/firefox-esr/distribution/policies.json
{ "policies": { "Certificates": { "Install": [ "/etc/ca.pem" ] } } }
It works
What is the path for TB policy and filename? mirrored structure did not help /usr/share/thunderbird/distribution/policies.json TB still warnes about certificate
It worked with trick to use system certs, ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/thunderbird/libnssckbi.so with /usr/local/share/ca-certificates && update-ca-certificates and lockPref("security.enterprise_roots.enabled", true);
but better to use new solution
UPD: I checked source. And it is correct, it uses distribution/policies.json But it does not apply niether
{ "policies": { "Certificates": { "Install": [ "/etc/ca.pem" ] } } }
nor
{ "policies": { "Certificates": { "ImportEnterpriseRoots": true } } }
p.v.malkov moo ko soppali ci
Saafara biñ tànn
after FF installation link is created
/usr/lib/firefox-esr/distribution --> ../../share/firefox-esr/distribution
check code why TB does not do it I created link manually and bingo, it started working
/usr/lib/thunderbird/distribution --> ../../share/thunderbird/distributionJàng tontu lii ci fi mu bokk 👍 0
All Replies (3)
Can you install the certificate using the user interface. I am seeing folks with certificates that are simple not suitable either because they are not issues by certifying authorities (self signed in some cases) or are invalid because the provider is not recognized in the CA chain of trust.
Manuall installation of cert works fine as well as a mail recieving after. The same action
with_items: - /usr/share/firefox-esr/distribution/policies.json - /usr/share/thunderbird/distribution/policies.json
before installing FF and TB, but different result.
p.v.malkov moo ko soppali ci
Saafara yiñ Tànn
after FF installation link is created
/usr/lib/firefox-esr/distribution --> ../../share/firefox-esr/distribution
check code why TB does not do it I created link manually and bingo, it started working
/usr/lib/thunderbird/distribution --> ../../share/thunderbird/distribution