Skip to content
This repository has been archived by the owner on Dec 21, 2021. It is now read-only.

script to add new CA certificates to the Firefox trusted certificate store on Windows

License

Notifications You must be signed in to change notification settings

christian-korneck/firefox_add-certs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

firefox_add-certs

script to add new CA certificates to the Firefox trusted certificate store on Windows

Description

Unlike other browsers, Firefox doesn't use the Windows certificate store, but comes with its own hardcoded list of trusted Certificate Authorities. New CA certificates can be added through the GUI and are stored in the user's Firefox profile. This cmd script is a very thin wrapper around Mozilla's NSS certutil command line tool, that adds all CA certificates from a given folder as trusted to:

  • the default Firefox profile (so that any newly created Firefox profile will automatically have them)
  • the Firefox profiles of all users on the local Windows machine (appropriate write permissions to these user profiles needed)

The release download includes a build of the NSS certutil.exe.

Usage

  • download and extract the ZIP file from the release page (includes the NSS certutil.exe binaries)
  • put all CA certificates that you want to add in the folder: cacert\. File extension needs to be .pem.
    • note: For testing, the CA folder includes the CACert.org root and intermediate certificates. Remove them if you don't want to add them.
  • run add-certs.cmd with admin privileges

Requirements

About

script to add new CA certificates to the Firefox trusted certificate store on Windows

Resources

License

Stars

Watchers

Forks

Packages

No packages published