Hello,
I'm responsible for repackaging Firefox so it'll install with our university's proxy settings, tab preferences, etc. I've built myself into a hole while packaging version 2.x and was directed here by the app dev guys. Our school has our own CA, and we publish our root certificate for both IE and Mozilla-based browsers on our intranet. If that root cert isn't installed locally on a computer, any internal sites under HTTPS will come up with a certificate error. After reading the back-and-forth on the web about the whole "invalid certificate" debate, I realized that trying to solve the problem with cert_override.txt wasn't really the solution and that the solution would be to make sure all the clients have the root cert installed. However I can't find any way of installing it globally for all users. I know each profile stores a cert8.db file, which I don't want to just blindly overwrite on an upgrade because by now folks probably have other certificates to worry about. But I've been drawing blanks on how to do that on an upgrade from 2.x to 3.0. I have our certificate installed into cert8.db in the default profile folder but that file isn't copied over or merged after an upgrade. Anyone here know how to include an in-house root certificate so that all users, regardless of whether or not they already have a 2.x profile, will be upgraded to include this cert after 3.0 is installed? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
