How to import certificate

Here you can post about the issues related to modifications performed manually (not through the kiosk wizard). Example: swapped kernel, added 3rd party modules or files.
Please describe in detail what has been changed and hopefully other kiosk user will be able to help.
Porteus team wont resolve bugs posted in this category as we support only modifications made by the kiosk wizard.
Forum rules
Porteus Kiosk section of the forum is unmaintained now. Its kept in a 'read only' mode for archival purposes.
Please use the kiosk contact page for directing your queries: https://porteus-kiosk.org/contact.html
flender
White ninja
White ninja
Posts: 19
Joined: 07 Jan 2014, 13:18
Distribution: Porteus Kiosk edition
Location: france

How to import certificate

Post#1 by flender » 16 Jun 2016, 13:14

Hello,

I use a old version : 3.18.14-porteus-kiosk
I'm forced to use this version beacause my kiosk is running on a very old computer, and with the new porteus version the wireless driver is not supported.

The kiosk is used to get on a https web interface. So the browser need a certificate.
How can i insert this certificate in my kiosk (during the wizard or after) ?
Or during the wizard can I modify a firefox parameter to accepte all security exception ?

Thanks for your help :)

User avatar
fanthom
Moderator Team
Moderator Team
Posts: 5666
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland
Contact:

Re: How to import certificate

Post#2 by fanthom » 16 Jun 2016, 16:48

Hello flender,

"I use a old version : 3.18.14-porteus-kiosk
I'm forced to use this version beacause my kiosk is running on a very old computer, and with the new porteus version the wireless driver is not supported."
If you send me debug report on support@porteus-kiosk.org then i'll have a look why its not working (at least with 3.7.0 release).

"How can i insert this certificate in my kiosk (during the wizard or after) ?
Or during the wizard can I modify a firefox parameter to accepte all security exception ?"
If its self signed cert then you must:
1) create clean Firefox profile under any Linux
2) navigate to your website and manually accept your certificate
3) remaster kiosk ISO as per this doc:
http://porteus-kiosk.org/kiosk-customization.html
4) copy cert8.db and cert_override.txt from your Firefox profile to your custom module
5) create new kiosk ISO

More info:
https://developer.mozilla.org/en-US/doc ... erride.txt

That should do it.
Please add [Solved] to your thread title if the solution was found.

flender
White ninja
White ninja
Posts: 19
Joined: 07 Jan 2014, 13:18
Distribution: Porteus Kiosk edition
Location: france

Re: How to import certificate

Post#3 by flender » 28 Jun 2016, 08:00

Hi,

Can you tell me where is located the file " cert_override.txt" on the kiosk when they is running ? (by ssh connection)
I have found cert8.db in "/home/guest/.mozilla/firefox/c3pp43bg.default/cert8.db"


Thanks

User avatar
fanthom
Moderator Team
Moderator Team
Posts: 5666
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland
Contact:

Re: How to import certificate

Post#4 by fanthom » 28 Jun 2016, 08:40

cert_override.txt should be also placed in the Firefox profile directory. Doing it over ssh wont work as profile is cleared during every browser restart. You must remaster installation ISO.

Thanks.
Please add [Solved] to your thread title if the solution was found.

flender
White ninja
White ninja
Posts: 19
Joined: 07 Jan 2014, 13:18
Distribution: Porteus Kiosk edition
Location: france

Re: How to import certificate

Post#5 by flender » 28 Jun 2016, 12:29

Yes I know, It was just for copy cert8.db and cert_override.txt :D

I have unpack my module;
Can you give me the path where I need to insert the files ? /tmp/..../xzm/squashfs-root/usr/lib/firefox ?


Thanks

User avatar
fanthom
Moderator Team
Moderator Team
Posts: 5666
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland
Contact:

Re: How to import certificate

Post#6 by fanthom » 28 Jun 2016, 14:23

Both files should go to Firefox profile directory which is:

Code: Select all

/home/guest/.mozilla/firefox/c3pp43bg.default
Please remember that root must have an ownership of the '/home' folder and guest must own the rest. Guest UID:GID is 1000:1000.
Please add [Solved] to your thread title if the solution was found.

flender
White ninja
White ninja
Posts: 19
Joined: 07 Jan 2014, 13:18
Distribution: Porteus Kiosk edition
Location: france

Re: How to import certificate

Post#7 by flender » 29 Jun 2016, 05:50

Hi,

Hum ... I don't understand

I'have my 2 files (cert8.db and cert_override.txt )

Now I need to insert this files in my custom module.

But, when I unpack the firefox module (002-firefox.xzm) I can't find the profile directory why ?
(I search in /tmp/kiosk_iso/xzm/squashfs-root/usr/lib/firefox)
I have no profile directory such as c3pp43bg.default

Where can I found this directory for insert my files ?

User avatar
fanthom
Moderator Team
Moderator Team
Posts: 5666
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland
Contact:

Re: How to import certificate

Post#8 by fanthom » 29 Jun 2016, 09:00

Create new module and add your custom files preserving correct path and permissions.
Please add [Solved] to your thread title if the solution was found.

flender
White ninja
White ninja
Posts: 19
Joined: 07 Jan 2014, 13:18
Distribution: Porteus Kiosk edition
Location: france

Re: How to import certificate

Post#9 by flender » 29 Jun 2016, 11:36

Sorry, I don't understand what I need to do

I need to create a script who copy cert8.db and cert_override.txt to /home/guest/.mozilla/firefox/c3pp43bg.default ?
But, firstly how can insert my file in the custom module ? For the script can copy them


Thanks for you help ...

User avatar
fanthom
Moderator Team
Moderator Team
Posts: 5666
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland
Contact:

Re: How to import certificate

Post#10 by fanthom » 29 Jun 2016, 13:15

Our documentation should help:
porteus-kiosk.org/kiosk-customization.html

If you are still in troubles then I recommend customized builds service:
porteus-kiosk.org/builds.html

Thank you.
Please add [Solved] to your thread title if the solution was found.

Locked