Firefox estensions: programmatically add a certificate to the trust certificate store

Question

I am trying to understand how to add a certificate in the store of trusted certificates in FF. I could not find a clear answer so far, but doing some research I understand it should be doable with a firefox extension. This may be an hint:

https://developer.mozilla.org/en-US/Add-ons/Code_snippets/Miscellaneous#Adding_custom_certificates_to_a_XULRunner_application

Does anyone know how to do this with modern versions of FF? is there any best practices?

Thank in advance, Stefano

Answer 1

just to answer my own question... after some additional research I managed to do it and I believe what's in the article is quite accurate. you do not need necessarily to build an XPCOM though.

I have just created a simple add on with the code below:

function addCertificate() {
    var certDB = Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB);
    var is = Cc["@mozilla.org/scriptableinputstream;1"].getService(Ci.nsIScriptableInputStream);
    var file = new FileUtils.File("/tmp/famfor.crt");
    var channel = gIOService.newChannelFromURI(gIOService.newFileURI(file));

    var input = channel.open();
    is.init(input);
    var envelope = is.read(input.available());
    is.close();
    input.close();

    var beginCert = "-----BEGIN CERTIFICATE-----";
    var endCert = "-----END CERTIFICATE-----";

    envelope = envelope.replace(/[\r\n]/g, "");
    var begin = envelope.indexOf(beginCert);
    var end = envelope.indexOf(endCert);
    var cert = envelope.substring(begin + beginCert.length, end);

    console.log(cert);

    certDB.addCertFromBase64(cert, "C,C,C", "");
};

Quite straightforward I would say :)