Kyle,
Kyle Hamilton wrote:
On Wed, Dec 24, 2008 at 2:46 PM, Eddy Nigg <eddy_n...@startcom.org> wrote:
On 12/25/2008 12:36 AM, Kyle Hamilton:
To be honest, Mozilla doesn't distribute keytool with Firefox, which
means that I have to try to go into the (unbatchable) interface and
remove the flags one. by. one. by. one. and then select the next
certificate and remove those trust flags, and the next, and the next,
and the next...
Kyle, why don't you blow that libnssckbi away from your Firefox
installation? Would make it easier I think. (Hope I picked the right one ;-)
)
Primarily because I want those certs on one profile, but not another,
and disk space is kind of at a premium right now. :)
(Oh yeah, if one person who uses a computer doesn't want the built-in
roots, but another does, they have to have separate Firefox
installations.)
No. You can just move the libnssckbi.so to a location that won't
automatically be picked up by firefox in all profiles.
Then load libnssckbi.so explicitly only in the one profile in which you
want it, using "Manage security devices" / "Load" . It is just a PKCS#11
module, after all.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
