How to add a trusted Certificate Autority to Firef

I want to add a trusted certificate autority to your Mozilla Firefox certificate repository using JSS and Windows. Somebody knows how to do that?

Here is how to do it with JSS 4.3.1 !

You will find your windows firefox profile directory at %APPDATA%/Mozilla/Firefox/Profiles.

Be sure to put all needed native libs in a unique directory and references this directory in the java.library.path, example:

-Djava.library.path="C:\dev\firefox\jss-native" Here is the sample code:

File firefoxProfilesDir = new File(appData + "/Mozilla/Firefox/Profiles");

    boolean firefoxInstalled = firefoxProfilesDir.exists() && firefoxProfilesDir.isDirectory();
    if (!firefoxInstalled) {
        LOG.info("Firefox profiles not found, abort");
        return;
    }

    LOG.info("Firefox profiles found");

    LOG.info("Browsing for firefox profile");

    File[] profilesDir = firefoxProfilesDir.listFiles();
    for (File profileDir : profilesDir) {
        if (!profileDir.isDirectory()) {
            continue;
        }

        LOG.info("Found firefox profile {}", profileDir.getName());

        // Autority
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Certificate rootCertificate = certificateFactory.generateCertificate(Dispatcher.class
                .getResourceAsStream("/certificates/myautoritycert.cer"));

        // Load native libs
        System.loadLibrary("nspr4");
        System.loadLibrary("plc4");
        System.loadLibrary("plds4");
        System.loadLibrary("nssutil3");
        System.loadLibrary("nss3");
        System.loadLibrary("smime3");
        System.loadLibrary("freebl3");
        System.loadLibrary("nssckbi");
        System.loadLibrary("nssdbm3");
        System.loadLibrary("sqlite3");
        System.loadLibrary("ssl3");

        // Initialize mozilla crypto
        CryptoManager.initialize(profileDir.getAbsolutePath());
        CryptoManager manager = CryptoManager.getInstance();
        CryptoToken token = manager.getInternalKeyStorageToken();
        manager.setThreadToken(token);

        // Autority
        X509Certificate cert = manager.importCACertPackage(rootCertificate.getEncoded());
        InternalCertificate certInternal = manager.importCertToPerm(cert , "somealias");
        certInternal.setSSLTrust(InternalCertificate.TRUSTED_CA);

        LOG.info("Certificate {} loaded into firefox profile {}", "somealias", profileDir.getName());

        break;
    }