The only evidence I have found is:-
The user kbrosnan in this thread http://support.mozilla.org/en-US/questions/808899 mentions that Firefox uses its own CA list.
On this site http://www.jethrocarr.com/2012/01/04/custom-ca-certificates-and-android/ Jethro carr mentions that "Websites are a bit different, since at least some of the browsers glares at firefox mobile rely on their own internal certificate databases, and not the Android OS DB".
I cannot find any concrete evidence anywhere that suggests Firefox is using the devices certificate store (Settings > Security > Trusted Credentials).
The reason I am asking this is because I have a CA-Root certificate that I have installed on the device and Firefox does not trust when I make a connection, which to me looks as if it is not looking at the devices certificate store and that Firefox has its own list of trusted CA's.
Please note that installing this certificate on the Desktop version of Firefox works perfectly without any issues.
I am using:
Firefox version: 18.0 / Phone: Samsung Galaxy S3 / Android version: 4.1.2
Many Thanks.
Mozilla explains in a blog post that Firefox and Thunderbird have been using the company's own root store since their inception.
Depending on your version of Mozilla or Firefox, the path to this window could be any of the following: Edit->Preferences->Privacy & Security->Certificates->Manage Certificates. Edit->Preferences->Advanced->Security->View Certificates. Tools->Options->Advanced->Certificates->Manage Certificates.
Open Settings. Tap “Security” Tap “Encryption & credentials” Tap “Trusted credentials.” This will display a list of all trusted certs on the device.
Chosen solution Firefox does not use the native Android download manger. It uses its own. The download folder is /sdcard/download/.
This is correct. Firefox Mobile for Android currently users its own certificate database and not the native Android one.
User OERNii created a Cert Manager Plug in for Firefox Mobile but it only supports versions 9-13. More information can be found at https://addons.mozilla.org/en-US/mobile/addon/cert-manager/. Due to the dramatic updates in the FF code over the past year, the cert DB does not interface in the same fashion as before and any updates to incorporate certificate management would require extensive Firefox research.
The native Android Browser packaged with Android 4.0+ utilizes the native Android trust store and allows users to perform TLS client authentication.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With