0

I want to add a trusted certificate autority to your Mozilla Firefox certificate repository using JSS and Windows. Somebody knows how to do that?

Réda Housni Alaoui
  • 1,244
  • 2
  • 15
  • 22
  • I hope it will be helpful :) – Réda Housni Alaoui Jun 20 '14 at 18:29
  • While it's fine to answer your own question on SO, it still needs to be in the Q&A format. Please split this into a question that can stand on its own (including relevant content) and an answer to it. – Bruno Jun 20 '14 at 20:07
  • This appears to be off-topic because it is not a question. It looks like the poster is using Stack Overflow as his/her own personal blog. – jww Jun 21 '14 at 04:15
  • I split it into a Q&A format. The thing is that I had a lot of trouble to resolve my own issue, so I wanted to share it with other people. I am sorry if I broke any rule, this is my first post on stackoverflow. – Réda Housni Alaoui Jun 22 '14 at 13:38

1 Answers1

0

Here is how to do it with JSS 4.3.1 !

You will find your windows firefox profile directory at %APPDATA%/Mozilla/Firefox/Profiles.

Be sure to put all needed native libs in a unique directory and references this directory in the java.library.path, example:

-Djava.library.path="C:\dev\firefox\jss-native" Here is the sample code:

File firefoxProfilesDir = new File(appData + "/Mozilla/Firefox/Profiles");

    boolean firefoxInstalled = firefoxProfilesDir.exists() && firefoxProfilesDir.isDirectory();
    if (!firefoxInstalled) {
        LOG.info("Firefox profiles not found, abort");
        return;
    }

    LOG.info("Firefox profiles found");

    LOG.info("Browsing for firefox profile");

    File[] profilesDir = firefoxProfilesDir.listFiles();
    for (File profileDir : profilesDir) {
        if (!profileDir.isDirectory()) {
            continue;
        }

        LOG.info("Found firefox profile {}", profileDir.getName());

        // Autority
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Certificate rootCertificate = certificateFactory.generateCertificate(Dispatcher.class
                .getResourceAsStream("/certificates/myautoritycert.cer"));

        // Load native libs
        System.loadLibrary("nspr4");
        System.loadLibrary("plc4");
        System.loadLibrary("plds4");
        System.loadLibrary("nssutil3");
        System.loadLibrary("nss3");
        System.loadLibrary("smime3");
        System.loadLibrary("freebl3");
        System.loadLibrary("nssckbi");
        System.loadLibrary("nssdbm3");
        System.loadLibrary("sqlite3");
        System.loadLibrary("ssl3");

        // Initialize mozilla crypto
        CryptoManager.initialize(profileDir.getAbsolutePath());
        CryptoManager manager = CryptoManager.getInstance();
        CryptoToken token = manager.getInternalKeyStorageToken();
        manager.setThreadToken(token);

        // Autority
        X509Certificate cert = manager.importCACertPackage(rootCertificate.getEncoded());
        InternalCertificate certInternal = manager.importCertToPerm(cert , "somealias");
        certInternal.setSSLTrust(InternalCertificate.TRUSTED_CA);

        LOG.info("Certificate {} loaded into firefox profile {}", "somealias", profileDir.getName());

        break;
    }
Réda Housni Alaoui
  • 1,244
  • 2
  • 15
  • 22