Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Provide own CA
16 views
Skip to first unread message
Marc Patermann
May 7, 2012, 12:20:13 PM5/7/12
to dev-tec...@lists.mozilla.org
Hi,
I posted my issue on Thunderbird-Enterprise before and Ludovic Hirlimann
sent me here.
I created an own CA and put the cert in cert8.db by GUI in Thunderbird
10 ESR.
As far as I understand it, the way to go is to put the corresponding
cert8.db file in defaults/profile in the program directory. (Which works
for mimetypes.rdf.)
For what I tested it does not work. On a blank profile cert8.db is
always the original file, my CA is never included.
If I copy back cert8.db by hand, the CA is in there. So the file itself
is fine, but it seams to be never used.
What did I do wrong?
Marc
I posted my issue on Thunderbird-Enterprise before and Ludovic Hirlimann
sent me here.
I created an own CA and put the cert in cert8.db by GUI in Thunderbird
10 ESR.
As far as I understand it, the way to go is to put the corresponding
cert8.db file in defaults/profile in the program directory. (Which works
for mimetypes.rdf.)
For what I tested it does not work. On a blank profile cert8.db is
always the original file, my CA is never included.
If I copy back cert8.db by hand, the CA is in there. So the file itself
is fine, but it seams to be never used.
What did I do wrong?
Marc
Wan-Teh Chang
May 7, 2012, 2:39:53 PM5/7/12
to mozilla's crypto code discussion list
Perhaps the cert8.db file in defaults/profile in the program directory
is not being used by Mozilla programs?
If that's true, then I'm afraid that you will need to add your CA
to every profile, rather than relying on defaults/profile in the
program directory.
Wan-Teh
Marc Patermann
May 8, 2012, 9:22:19 AM5/8/12
to mozilla's crypto code discussion list
Hi,
Wan-Teh Chang schrieb (07.05.2012 20:39 Uhr):
> On Mon, May 7, 2012 at 9:20 AM, Marc Patermann
> <hans....@ofd-z.niedersachsen.de> wrote:
>> I posted my issue on Thunderbird-Enterprise before and Ludovic Hirlimann
>> sent me here.
>>
>> I created an own CA and put the cert in cert8.db by GUI in Thunderbird 10
>> ESR.
>> As far as I understand it, the way to go is to put the corresponding
>> cert8.db file in defaults/profile in the program directory. (Which works for
>> mimetypes.rdf.)
>>
>> For what I tested it does not work. On a blank profile cert8.db is always
>> the original file, my CA is never included.
>> If I copy back cert8.db by hand, the CA is in there. So the file itself is
>> fine, but it seams to be never used.
>>
>> What did I do wrong?
Is there a better place to ask?
In Firefox it should work this way, according to
http://mike.kaply.com/2012/03/30/customizing-firefox-default-profiles/
"If you add additional files into this directory, those files are copied
into the default profile along with the rest of the files. This is most
commonly used if you want to have default certificate databases. I’ve
seen cases where someone started Firefox, added the certificates and
certificates authorities they needed and then copied the various *.db
profiles from their profile and put them in the default profile so all
their users would get them."
Marc
Wan-Teh Chang schrieb (07.05.2012 20:39 Uhr):
> On Mon, May 7, 2012 at 9:20 AM, Marc Patermann
> <hans....@ofd-z.niedersachsen.de> wrote:
>> I posted my issue on Thunderbird-Enterprise before and Ludovic Hirlimann
>> sent me here.
>>
>> I created an own CA and put the cert in cert8.db by GUI in Thunderbird 10
>> ESR.
>> As far as I understand it, the way to go is to put the corresponding
>> cert8.db file in defaults/profile in the program directory. (Which works for
>> mimetypes.rdf.)
>>
>> For what I tested it does not work. On a blank profile cert8.db is always
>> the original file, my CA is never included.
>> If I copy back cert8.db by hand, the CA is in there. So the file itself is
>> fine, but it seams to be never used.
>>
>> What did I do wrong?
> Perhaps the cert8.db file in defaults/profile in the program directory
> is not being used by Mozilla programs?
Is there anyone who can say for sure, if this is true or not?
> is not being used by Mozilla programs?
Is there a better place to ask?
In Firefox it should work this way, according to
http://mike.kaply.com/2012/03/30/customizing-firefox-default-profiles/
"If you add additional files into this directory, those files are copied
into the default profile along with the rest of the files. This is most
commonly used if you want to have default certificate databases. I’ve
seen cases where someone started Firefox, added the certificates and
certificates authorities they needed and then copied the various *.db
profiles from their profile and put them in the default profile so all
their users would get them."
Marc
0 new messages