Solved

Firefox groupo policy

Posted on 2012-04-10
7
797 Views
Last Modified: 2012-05-10
Hi All,


I haveadded my own self certificate to all our desktop and laptop computers.

it would seem the geeks at firefox still want to flag this as an issue.

I found these instructions on the internet to disable their "self signed" warning message for a specific site.



Bypassing the warning
You can tell Firefox to bypass these certificate warnings. You should only bypass the warning if you're sure that the site is legitimate. Legitimate public sites will not ask you to do this. An invalid certificate can be an indication of a web page that will defraud you or steal your identity.

On the warning page, click Or you can add an exception....
Click Add Exception.... The Add Security Exception dialog will appear.
Click Get Certificate.
Read the text describing the problems with this site.
Click Confirm Security Exception if you want to trust the site.


Does anyone know who to do this via group policy?


Thanks
0
Comment
Question by:detox1978
7 Comments
 
LVL 1

Accepted Solution

by:
Norautron earned 167 total points
Comment Utility
Hi!
I have tried to control Firefox via GPO, but i never found a solution.. The one ADM file i managed to import to GPO, had lots of settings, but they never applyed! I don't think that FF will release one. Just wanted to share my experience, since i used a lot of time on it.:)

Good luck!
0
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
Comment Utility
0
 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 333 total points
Comment Utility
There is an edition of Firefox which has been created to allow you to use Group Policy to lock it down / configure it.

You can download it and ADM templates from here:-

http://www.frontmotion.com/Firefox/fmfirefox.htm

I've used this for several years and is the best way I have found to apply Group Policy to Firefox.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 2

Author Comment

by:detox1978
Comment Utility
Drashiel, this is what i have done, so it works on chrome, IE etc... but Firefox has an additional self signed alert.

scriven_j, users already have firefox installed, so i dont fancy installing a separate version.
0
 
LVL 10

Expert Comment

by:scriven_j
Comment Utility
I don't know of any other method, sorry!
0
 
LVL 2

Author Comment

by:detox1978
Comment Utility
When users browse the website they get an option to add the URL to the exceptions list, when I add it the message is suppressed.

You'd think this info would be stored in the registry, but I couldn't find it anywhere.

Any further ideas?
0
 
LVL 10

Assisted Solution

by:scriven_j
scriven_j earned 333 total points
Comment Utility
I'd use something like Process Monitor:-

http://technet.microsoft.com/en-us/sysinternals/bb896645

Have it running, make the change and then you should be able to work out where it is stored.  Has to be a config file or registry entry....  If it's a registry entry you can add it to a policy if it's a file, then you would need to script something to roll it out automatically.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now