Any such CAs will be imported and trusted by Firefox, although they may not appear in Firefox's certificate manager. Set the preference security.enterprise_roots.enabled to true.įirefox will inspect the HKLM\SOFTWARE\Microsoft\SystemCertificates registry location (corresponding to the API flag CERT_SYSTEM_STORE_LOCAL_MACHINE) for CAs that are trusted to issue certificates for TLS web server authentication.Enter about:config in the address bar and continue to the list of preferences.Starting with version 49, Firefox can be configured to automatically search for and import CAs that have been added to the Windows certificate store by a user or administrator. Setting the security.enterprise_roots.enabled preference to true in about:config will enable the Windows and macOS enterprise root support.
The Install key by default will search for certificates in the locations listed below.It is equivalent to setting the security.enterprise_roots.enabled preference as described in the Built-in Windows and macOS Support section below. We recommend this option to add trust for a private PKI to Firefox. Setting the ImportEnterpriseRoots key to true will cause Firefox to trust root certificates.Starting with Firefox version 64, an enterprise policy can be used to add CA certificates to Firefox. Using policies to import CA certificates (recommended) You can add these CA certificates using one of the following methods. This should be done early on, so your users won’t have trouble accessing websites. If your organization uses private certificate authorities (CAs) to issue certificates for your internal servers, browsers such as Firefox might display errors unless you configure them to recognize these private certificates.
This article is intended for IT administrators who wish to set up Firefox on the computers within their organization.
0 kommentar(er)
