This shows you the differences between two versions of the page.
Next revision | Previous revision Next revision Both sides next revision | ||
userspace:mozilla_nss [2012/12/06 08:20] wolfbardo created |
userspace:mozilla_nss [2013/09/27 16:00] wolfbardo |
||
---|---|---|---|
Line 6: | Line 6: | ||
Comments and improvements welcome \\ | Comments and improvements welcome \\ | ||
- | Tested with opsi 4.0.2 \\ | + | Tested with opsi 4.0.3 \\ |
Full-Package at | Full-Package at | ||
http:// | http:// | ||
- | ==== certutil.ins ==== | ||
- | |||
- | <code winst> | ||
; This sourcecode is owned by uib | ; This sourcecode is owned by uib | ||
Line 21: | Line 18: | ||
[Actions] | [Actions] | ||
+ | DefVar $dummy$ | ||
+ | DefVar $PREF_FILE$ | ||
+ | DefVar $preftype$ | ||
+ | DefStringList $profiles$ | ||
+ | DefVar $akt_profile_ini$ | ||
+ | DefVar $akt_prefs_path$ | ||
+ | DefVar $AppData$ | ||
+ | DefVar $rel_prefs_path$ | ||
+ | DefVar $mozilla_userpath$ | ||
+ | DefVar $INST_OpsiclientdCertificateFile$ | ||
+ | DefVar $INST_OpsiclientdDir$ | ||
- | comment " simple template for using mozilla nss tools " | + | if getMsVersionInfo >= " |
+ | set $AppData$ = " | ||
+ | else | ||
+ | comment "not supported OS" | ||
+ | endif | ||
+ | |||
+ | Set $preftype$ = " | ||
+ | Set $PREF_FILE$ = " | ||
+ | |||
+ | Set $INST_OpsiclientdDir$ | ||
+ | Set $INST_OpsiclientdCertificateFile$ = $INST_OpsiclientdDir$+" | ||
+ | |||
+ | comment " Example for Mozilla Firefox" | ||
+ | ; populate default db see section CertifikatMozillalösung | ||
+ | set $akt_prefs_path$ =" | ||
+ | |||
+ | if ((NOT (FileExists($akt_prefs_path$+" | ||
+ | ; | ||
+ | ; https:// | ||
+ | ; Creating New Security Databases | ||
+ | |||
+ | DosInAnIcon_createNewSecurityDatabase | ||
+ | endif | ||
+ | |||
+ | DosInAnIcon_certutil | ||
+ | |||
+ | Set $mozilla_userpath$ = " | ||
+ | comment "get user directories via dosbatch dir command" | ||
+ | Set $profiles$ = getOutStreamFromSection (' | ||
+ | comment "loop over the result" | ||
+ | for $x$ in $profiles$ do sub_patch_prefs_file | ||
+ | |||
+ | comment " Example for Mozilla thunderbird" | ||
+ | ; populate default db see section CertifikatMozillalösung | ||
+ | set $akt_prefs_path$ =" | ||
+ | |||
+ | if ((NOT (FileExists($akt_prefs_path$+" | ||
+ | ; | ||
+ | ; https:// | ||
+ | ; Creating New Security Databases | ||
+ | |||
+ | endif | ||
+ | |||
+ | DosInAnIcon_certutil | ||
+ | |||
+ | Set $mozilla_userpath$ = " | ||
+ | comment "get user directories via dosbatch dir command" | ||
+ | Set $profiles$ = getOutStreamFromSection (' | ||
+ | comment "loop over the result" | ||
+ | for $x$ in $profiles$ do sub_patch_prefs_file | ||
+ | [comment " simple template for using mozilla nss tools "] | ||
; | ; | ||
; | ; | ||
- | DosInAnIcon_certutil | + | |
+ | |||
+ | [dosbatch_profiledir] | ||
+ | @echo off | ||
+ | dir " | ||
+ | |||
+ | [sub_patch_prefs_file] | ||
+ | ;Set $akt_profile_ini$ = " | ||
+ | Set $akt_profile_ini$ = " | ||
+ | if FileExists($akt_profile_ini$) | ||
+ | Set $rel_prefs_path$ = GetValueFromInifile($akt_profile_ini$," | ||
+ | ; try to handle profiles.ini prefs_path absolut not relativ | ||
+ | ; http:// | ||
+ | ; profiles.ini IsRelative=1 (true) IsRelative=0 (false) for example Path=D: | ||
+ | |||
+ | Set $dummy$ = GetValueFromInifile($akt_profile_ini$," | ||
+ | if ( $dummy$ = " | ||
+ | comment " | ||
+ | Set $akt_prefs_path$ = " | ||
+ | else | ||
+ | comment " | ||
+ | Set $akt_prefs_path$ = $rel_prefs_path$ | ||
+ | endif | ||
+ | |||
+ | if ((NOT (FileExists($akt_prefs_path$+" | ||
+ | ; | ||
+ | DosInAnIcon_createNewSecurityDatabase | ||
+ | endif | ||
+ | |||
+ | DosInAnIcon_certutil | ||
+ | endif | ||
+ | |||
+ | [DosInAnIcon_createNewSecurityDatabase] | ||
+ | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -N -d " | ||
[DosInAnIcon_certutil] | [DosInAnIcon_certutil] | ||
- | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -L -d "$default_prefs_path$" | + | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -L -d "$akt_prefs_path$" |
- | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -A -n "UCS" -t " | + | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -A -n "certifikatOPSISERVER" -t " |
- | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -A -n "MMMMM" -t " | + | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -A -n "certifikatOPSIclientd" -t " |
- | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -A -n "MMMMMdaten" | + | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -L -d "$akt_prefs_path$" |
- | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -L -n "MMMMMF" -d "$default_prefs_path$"</code> | + | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -L -n "certifikatOPSISERVER" -d "$akt_prefs_path$" |
+ | %SCRIPTPATH%\nss-3.12.4\bin\certutil.exe -L -n "certifikatOPSIclientd" -d "$akt_prefs_path$" | ||
+ | |||
+ | [Files_copy_default_db] | ||
+ | copy %SCRIPTPATH%\nss-3.12.4\db\*db " | ||
+ | |||
+ | |||
+ | [CertifikatMozillalösung] | ||
+ | |||
+ | https:// | ||
+ | https:// | ||
+ | |||
+ | I have noticed modutil with -create option will create a secmod.db, | ||
+ | cert8.db and key3.db (9?) files, unless you specify -nocertdb option. | ||
+ | As stated in here: | ||
+ | |||
+ | http:// | ||
+ | |||
+ | A very late reply, but since it may be useful to others, here it is: | ||
+ | |||
+ | After manually importing the certificate(s), | ||
+ | Copy that cert8.db file to the program directory (" | ||
+ | |||
+ | That works well, for both Firefox and Thunderbird, | ||
+ | An alternative to creating the master cert8.db by manually importing certificates through the Mozilla GUI, is to use the libnss certutil command as described in my first message in this thread. | ||