bug 1298883 - make security.enterprise_roots.enabled appear in about:config r?jcj
This pref controls whether or not the platform looks for and trusts enterprise
roots (currently only available on Windows). Adding it to security-prefs.js will
make it appear in about:config, which is a much more straightforward user
experience (previously users would have to add it manually). It is still
disabled by default.
MozReview-Commit-ID: 6pQkh2gTNTF
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@@ -43,16 +43,18 @@ pref("security.password_lifetime",
// The supported values of this pref are:
// 0: disable detecting Family Safety mode and importing the root
// 1: only attempt to detect Family Safety mode (don't import the root)
// 2: detect Family Safety mode and import the root
// (This is only relevant to Windows 8.1)
pref("security.family_safety.mode", 2);
+pref("security.enterprise_roots.enabled", false);
+
pref("security.OCSP.enabled", 1);
pref("security.OCSP.require", false);
pref("security.OCSP.GET.enabled", false);
pref("security.pki.cert_short_lifetime_in_days", 10);
// NB: Changes to this pref affect CERT_CHAIN_SHA1_POLICY_STATUS telemetry.
// See the comment in CertVerifier.cpp.
// 4 = allow SHA-1 for certificates issued before 2016 or by an imported root.