Last active
July 1, 2018 20:29
-
-
Save szepeviktor/6caa8ef0b1240013e27a32cde50a3a55 to your computer and use it in GitHub Desktop.
Distrust all built-in Firefox CA-s
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// To be run in xpcshell | |
// Source: https://github.com/eqsoft/seb2/blob/15b9bf9282c1fe9b05e01434c3bdcaea64503714/certdb/app/modules/certdb.jsm#L354-L369 | |
let certdb = Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB); | |
let certlist = certdb.getCerts(); | |
let enumerator = certlist.getEnumerator(); | |
// Distrust all | |
while (enumerator.hasMoreElements()) { | |
let cert = enumerator.getNext().QueryInterface(Ci.nsIX509Cert); | |
// Display CA names | |
console.log("issuer: " + cert.issuerName); | |
// Distrust | |
certdb.setCertTrust(cert, Ci.nsIX509Cert.ANY_CERT, Ci.nsIX509CertDB.UNTRUSTED); | |
// Delete ??? | |
certdb.deleteCertificate(cert); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment