- This topic is empty.
-
AuthorPosts
-
September 21, 2011 at 9:00 am #6850
Hi.
We have some C50LE clients which should start firefox and connect to a URL using https.
The Clients are configured via DHCP / FTP using wlx.ini (which is attached at the bottom of this post).
We have set up a CA inside our active directory and generated server certificates for the webinterfaces we need to connect to.Firefox throws an error: “The certificate is not trusted because the issuer certificate is not trusted”
I think this is because the root certificate is from our own CA and firefox can not verify it.
Is there a way to add this certificate automatically? We can not let the users add an exeption manually.Thanks in advance for any reply 🙂
rsassman
wlx.ini:
ImportCerts=yes Certs=root-iat-omws.cer
DisplaySettings=MON1 rotate-normal DDC
Autologin=Yes
DefaultUser=thinuser
ChangeAdminPassword=xxx
ChangeGuestPassword=xxx
ChangeRootPassword=xxx
ChangeThinUserPassword=xxx
DisableVNC=yes;************************************************* ************
;* Firefox *
;************************************************* ************Browser.Homepage=https://swp-xenapp.iat-omws.local
;
;- Firefox Session 1 –
;- Each line but the last must end with a ‘ ‘ –
;
CONNECT=BROWSER
Description=”foxfromini”
URL=https://swp-xenapp.iat-omws.local
Resolution=FullScreen
AutoConnect=yes
Mode=Normal
LocalCopy=noLocalCopy=no
September 21, 2011 at 11:55 am #21083Not 100% sure but I think you have to import the cert inside Firefox.
If you need to convert the certificate to support .p12 format, maybe this can help you:
Note: To convert Certificates from pfx format to pem format, follow the instructions given below:
Install Opensll-0.9.7c-bin.exe on windows 2003 server (Can install any latest version)
Go to C:Program FilesGnuWin32bin
Copy the pfx file to this folder and run openssl.exe
Enter the following command
openssl pkcs12 -in tme2.pfx -out tme2.pem
1. !— The command to be given, -in .
2. Enter Import Password:
3. !— Enter the password given previously.
4. MAC verified OK
5. Enter PEM pass phrase:
Here we give a new pass phrase
6. !— Enter a phrase.
Verifying – Enter PEM pass phrase:CG
September 21, 2011 at 2:05 pm #21084Thanks for your reply.
Yes, I have to import the certificate in firefox.
As the certificate needs to be imported in every client I need an automated way to do this. Maybe I could distribute the cert8.db-file, where thr trusted certificates are stored. But I don’t know how to copy the file without user interaction on every logon or on new devices.
-
AuthorPosts
- You must be logged in to reply to this topic.