You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > 515: Application Manager > Knowledge Base > 03: PreConfigured AppSets > 17: Can I use Security.enterprise_roots.enabled as an alternate method for FF + Certificates?
17: Can I use Security.enterprise_roots.enabled as an alternate method for FF + Certificates?
print icon

Yes. You can use PolicyPak to deliver Security.enterprise_roots.enabled. But there are some downsides…

  1. First, you are beholden to Windows’ certificates which might be okay, but also could be a challenge in REVOKING those certificates. This is why Firefox HAS a separate store in the first place. The stores are unrelated. When you use Security.enterprise_roots.enabled you are marrying FF to use Windows’ store.
  2. When you use Security.enterprise_roots.enabled you cannot see the certificate inside Firefox. So this could make it hard to KNOW you got the cert there if you are sitting at the user’s computer.

That being said, there are two ways to enable Security.enterprise_roots.enabled.

Way #1:  Inside the main Firefox Pak itself

 

Way #2: Using the Firefox About:Config Pak J thru Z.
It is the last entry in the S: category

 

Note that if you’re looking for general advice in how to get started with Windows certificates and browsers support, you can  find that here.

Feedback
0 out of 6 found this helpful

scroll to top icon