136
edits
Changes
m
below --> next section
As of Firefox 64, an [https://support.mozilla.org/en-US/products/firefox-enterprise/policies-enterprise enterprise policy] can be used to add CA certificates to Firefox. This is now the method recommended for organizations to install private trust anchors.
The ''ImportEnterpriseRoots'' key will cause Firefox to trust root certificates that are in the system certificate store as long as the key is set to “true”. We recommend this option to add trust for a private PKI to Firefox. It is equivalent to setting the "'''security.enterprise_roots.enabled'''" preference as described belowin the next section.
The ''Install'' key by default will search for certificates in the locations listed below. Starting in Firefox 65, you can specify a fully qualified path (see cert3.der and cert4.pem in [https://github.com/mozilla/policy-templates/blob/master/README.md#Certificates this example]). If Firefox does not find something at your fully qualified path, it will search the default directories.
