1

I have to add some certificates to firefox before building it. Then test it with this certificates. I know that certificates are hardcoded into the certdata.txt, in this location:

mozilla-source\mozilla-central\security\nss\lib\ckfw\builtins

I've tried to add certificates into the certdata.txt using addbuilit from nss-tools. But after building it I get errors.

Compiler shows this errors when reading certdata.txt:

0:49.23 c:/mozilla-source/mozilla-central/obj-x86_64-pc-mingw32/security/nss/lib/ckfw/builtins/builtins_nssckbi/certdata.c(20983,1): warning: missing terminating '"' character [-Winvalid-pp-token] 0:49.23 "\152\270\202\165\004\122\100\146\207\136\301\151\270\325\275\134

Alikhan247
  • 21
  • 8

1 Answers1

1

Actually it's pretty easy to do.

Firstly you need a nss and nspr, because of nss that is built in to mozilla installer does not have addbuiltin function that we need.

Download NSS for windows

Download Nspr for windows

Second step

unpack both of these files.

Then copy the contents of the NSPR /lib folder to the NSS /bin folder

Copy your certificate and certutil.txt to the NSS /bin folder. Note: Your certificate should be in .der format!

Third step

Run this code bellow:

addbuiltin -n "My certificate name" -t "CT,C,C" < CAcert.der >> certdata.txt

My certificate name - The name of the certificate that will be added to the certutil.txt.

CT,C,C - Is the trusted properties of the certificate.

CAcert.der - Certificate itself.

certdata.txt - Certificates containing file.

But before copying certutil.txt back to the source code you have to do one more thing. Open certutil.txt in Notepad++ and turn on hidden characters by Menu View → Show Symbol → Show All Characters. Then change /r/n to /n.

And you've done!

Alikhan247
  • 21
  • 8