Im using ubuntu18 desktop and i have added the certificates i need to firefox 73.0:
/usr/share/ca-certificates/mozilla
and also added it to :
/etc/ca-certificates.conf
At the end of the file like :
mozilla/caname.crt
And run :
update-ca-certificate
now, i can see certificates are in firefox certificate list through the browser but does not have any trust box marked, so it doesnt work.
Is there a way from cli to force the trust flag on this certificates, maybe with certutil ?
I know there is a lot of ways to enter certificate to firefox using cli commands but none have worked for me, and now i was able to add the certificates using the commands above, but i need to add the trust.
Found this solution to add certificates to firefox on ubuntu :
https://github.com/mozilla/policy-templates/#proxy
Simply need to add this file to :
/usr/lib/firefox/distribution/
touch policies.json
In policies.json add:
{
"policies": {
"Certificates": {
"ImportEnterpriseRoots": true,
"Install" [
"somecert1.crt",
"usr/local/share/ca-certificates/somecert1.crt"
]
}
}
}
The install part is first the name of the cert and then the path. And restart firefox. if somthing doesnt work try resetting firefox as if you have set somthing before it can stuck it.
This method works good without certutil