Package: debian-edu-config Severity: wishlist Hi,today I have played with Firefox and custom CA certificate import into the browser. This over-all sucks. Firefox does not consider the system-wide CA cert store as trustworthy by default.
However, there is a simple solution to this: the trust cryptography module in p11-kit-modules.
For this, to be doable on Debian Edu sites, we need to add this content: ``` library=/usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so name=PKCS#11 Trust Module NSS=trustOrder=100 ```to debian-edu-config's file etc/skel/.mozilla/firefox/debian-edu.default/pkcs11.txt
With this file in place in fresh mozilla profiles, Firefox will activate the pkcs11 trust module and trust CA certificates in /etc/ssl/certs/ca-certificates.crt.
A similar solution must be found for chromium. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
Attachment:
pgpvrmXnuQO_Y.pgp
Description: Digitale PGP-Signatur