Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
kb:cert_override [2018/07/30 20:24] – dstillman | kb:cert_override [2024/02/27 05:09] – [Zotero 7 (beta)] dstillman | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Security | + | ====== |
- | **Note:** These instructions are only for use with security software that intercepts/ | + | **Note:** These instructions are only for use with security software that intercepts/ |
+ | ===== Self-Signed Certificate ===== | ||
- | Zotero does not currently provide a graphical way to whitelist self-signed | + | Zotero does not currently provide a graphical way to whitelist self-signed certificates, |
+ | |||
+ | If you are using a WebDAV server with a self-signed certificate, | ||
+ | |||
+ | ==== Zotero 6 ==== | ||
+ | |||
+ | Zotero 6 expects a cert_override.txt file created by Firefox 60 ESR, with a line in this form: | ||
+ | |||
+ | < | ||
+ | |||
+ | If you create an override file with a newer version of Firefox, your cert_override.txt file may contain a line with a trailing colon after the port number (" | ||
+ | |||
+ | < | ||
+ | |||
+ | To use such a file in Zotero 6, strip the colon from after the port number and add a " | ||
+ | ==== Zotero 7 (beta) ==== | ||
+ | |||
+ | Zotero 7 can currently read a cert_override.txt file from Firefox 102 ESR. A file from a later version of Firefox will not work at this time. | ||
+ | ===== Custom Certificate Authority ===== | ||
+ | If you or your organization is using a custom certificate authority, which can be the case when using security software or connecting via a proxy server, Zotero may need to be configured to accept the custom CA: | ||
+ | |||
+ | * **Windows: | ||
+ | * **Mac/ | ||
+ | * **Zotero 6**: Zotero is based on Firefox and uses the same certificate mechanism, so you or your IT department will need to configure Firefox for the custom CA in a new Firefox profile and then copy the cert9.db, key4.db, and pkcs11.txt files from the [[http:// | ||
+ | * Firefox 63 and later will automatically use the system root certificate store on macOS. If Firefox is using the system root store, your IT department may not have added its custom certificate to the certificate database in the Firefox profile directory, and copying the above-mentioned files to the Zotero profile directory may not work. Your IT department will need to [[https:// | ||
+ | * To add the CA certificate to the certificate database yourself, you can try to use the [[https:// | ||
+ | * **Zotero 7**: Zotero 7 will support automatically using system root certificates. Zotero 7 is currently in [[https:// | ||
- | * If you are using a WebDAV server with a self-signed certificate, | ||
- | * If you or your organization is using a custom certificate authority, which can be the case when using security software or connecting via a proxy server, you or your IT department will need to configure Firefox 52 ESR for the custom CA and then copy the cert8.db file from the [[http:// | ||
{{tag>kb }} | {{tag>kb }} |