szepeviktor/disable-built-in-ca.js

## disable-built-in-ca.js
// To be run in xpcshell
// Source: https://github.com/eqsoft/seb2/blob/15b9bf9282c1fe9b05e01434c3bdcaea64503714/certdb/app/modules/certdb.jsm#L354-L369
let certdb = Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB);
let certlist = certdb.getCerts();
let enumerator = certlist.getEnumerator();

// Distrust all
while (enumerator.hasMoreElements()) {
    let cert = enumerator.getNext().QueryInterface(Ci.nsIX509Cert);
    // Display CA names
    console.log("issuer: " + cert.issuerName);
    // Distrust
    certdb.setCertTrust(cert, Ci.nsIX509Cert.ANY_CERT, Ci.nsIX509CertDB.UNTRUSTED);
    // Delete ???
    certdb.deleteCertificate(cert);
}
	// To be run in xpcshell
	// Source: https://github.com/eqsoft/seb2/blob/15b9bf9282c1fe9b05e01434c3bdcaea64503714/certdb/app/modules/certdb.jsm#L354-L369
	let certdb = Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB);
	let certlist = certdb.getCerts();
	let enumerator = certlist.getEnumerator();

	// Distrust all
	while (enumerator.hasMoreElements()) {
	let cert = enumerator.getNext().QueryInterface(Ci.nsIX509Cert);
	// Display CA names
	console.log("issuer: " + cert.issuerName);
	// Distrust
	certdb.setCertTrust(cert, Ci.nsIX509Cert.ANY_CERT, Ci.nsIX509CertDB.UNTRUSTED);
	// Delete ???
	certdb.deleteCertificate(cert);
	}