Updating Firefox Certificates into an existing Profile

New Contributor

Good morning fellow Jamfers...

Having a problem getting a trusted certificate into Firefox for an existing account (I already know how to get it to update when a new Firefox profile is created).

Am able to get it into the keychain, but since Firefox creates a unique profile name for each user, cannot get Casper to replace the file in the proper directory.

We are not authenticating to a source yet (so only local logins) so the $3 parameter doesn't appear to produce a result.

The script works running locally on the system - the line I'm having a problem with is:

cd $HOME"$ffprofdir"

Since Casper runs as root, it's changing over the the HOME directory for the root user, not the logged in user. Jamf suggested copying the script locally and having a policy launch it locally using something like:

su -l $3 -c "sh /path/to/scrip.sh"

OR compile it in a DMG and launch the script like:

su -l <username> -c "sh /path/to/scrip.sh"

Neither of these worked. Any help is greatly appreciated!

Thanks in advance,

Nick LaTronica
East Brunswick Public Schools


Contributor II

I would start here: http://mike.kaply.com/category/mozilla/. We have used this blog to figure out how to do a lot of customizations to Firefox. In theory you can create a config file (which is really just javascript) that is executed each time the user launches Firefox. Your config file would either check for all necessary certs or just re-add them automatically. That way the install runs as the user each time and you can just push out updates as components of Firefox.

Honored Contributor
user=`ls -la /dev/console | cut -d " " -f 4`
sudo -u $user cp *sourcefile* /Users/$user/Library/Application Support/Firefox/etc/etc

Something like that should get you in the ballpark to find the logged in user and copy it into their folder.