C50LE how to add root certificate - Technicalhelp: A Flexible Computing Service

This topic is empty.

Viewing 3 posts - 1 through 3 (of 3 total)

Author

Posts
September 21, 2011 at 9:00 am #6850
rsassman
Member
- Total Post: 2
- Newbie
Hi.

We have some C50LE clients which should start firefox and connect to a URL using https.
The Clients are configured via DHCP / FTP using wlx.ini (which is attached at the bottom of this post).
We have set up a CA inside our active directory and generated server certificates for the webinterfaces we need to connect to.

Firefox throws an error: “The certificate is not trusted because the issuer certificate is not trusted”
I think this is because the root certificate is from our own CA and firefox can not verify it.
Is there a way to add this certificate automatically? We can not let the users add an exeption manually.

Thanks in advance for any reply 🙂

rsassman

wlx.ini:

ImportCerts=yes Certs=root-iat-omws.cer
DisplaySettings=MON1 rotate-normal DDC
Autologin=Yes
DefaultUser=thinuser
ChangeAdminPassword=xxx
ChangeGuestPassword=xxx
ChangeRootPassword=xxx
ChangeThinUserPassword=xxx
DisableVNC=yes

;************************************************* ************
;* Firefox *
;************************************************* ************

Browser.Homepage=https://swp-xenapp.iat-omws.local

;

;- Firefox Session 1 –
;- Each line but the last must end with a ‘ ‘ –
;

CONNECT=BROWSER
Description=”foxfromini”
URL=https://swp-xenapp.iat-omws.local
Resolution=FullScreen
AutoConnect=yes
Mode=Normal
LocalCopy=no

LocalCopy=no
September 21, 2011 at 11:55 am #21083
ConfGen
Keymaster
- Total Post: 10696
- Jedi Master
Not 100% sure but I think you have to import the cert inside Firefox.

If you need to convert the certificate to support .p12 format, maybe this can help you:

Note: To convert Certificates from pfx format to pem format, follow the instructions given below:

Install Opensll-0.9.7c-bin.exe on windows 2003 server (Can install any latest version)

Go to C:Program FilesGnuWin32bin

Copy the pfx file to this folder and run openssl.exe

Enter the following command

openssl pkcs12 -in tme2.pfx -out tme2.pem

1. !— The command to be given, -in .
2. Enter Import Password:
3. !— Enter the password given previously.
4. MAC verified OK
5. Enter PEM pass phrase:
Here we give a new pass phrase
6. !— Enter a phrase.
Verifying – Enter PEM pass phrase:

CG
September 21, 2011 at 2:05 pm #21084
rsassman
Member
- Total Post: 2
- Newbie
Thanks for your reply.

Yes, I have to import the certificate in firefox.

As the certificate needs to be imported in every client I need an automated way to do this. Maybe I could distribute the cert8.db-file, where thr trusted certificates are stored. But I don’t know how to copy the file without user interaction on every logon or on new devices.
Author

Posts

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.