abstract firefox guides for ca and tor

2026-04-02 05:23:18 +00:00 · 2023-11-19 09:13:19 -07:00
parent 24e051aa3f
commit 6cfd6c0206
14 changed files with 263 additions and 328 deletions
--- a/site/source/device-guides/linux/ca-linux.rst
+++ b/site/source/device-guides/linux/ca-linux.rst
@@ -6,11 +6,6 @@ Trusting Your Root CA on Linux

 .. caution:: If you cannot connect following this guide, you may be using an application (such as Firefox) that is installed in a jailed environment, such as an appimage, flatpak, or snap. Please try an alternate install method if so.

-.. _ca-linux-trust:
-
-Trusting
--------
-
 .. tabs::

    .. group-tab:: Debian/Ubuntu
@@ -40,6 +35,8 @@ Trusting

            In the output it should say ``1 added`` if it was successful.  For most applications, you will now be able to securely connect via ``https``.

+        #. If using Firefox (recommended), complete :ref:`this final step <ca-ff>`
+
    .. group-tab:: Arch/Garuda

        #. Ensure you have already :ref:`downloaded your Root CA <root-ca-download>`
@@ -74,47 +71,3 @@ Trusting
                sudo cp "adjective-noun.local.crt" /etc/pki/ca-trust/source/anchors/
                sudo update-ca-trust

-.. _ca-linux-ff:
-
-If using Firefox (recommended)
------------------------------
-
-This guide applies to Firefox, Firefox ESR, Librewolf, and Thunderbird. Mozilla apps need to be configured to use the certificate store of your device. To find out why Mozilla does this differently, you can read their `blog post <https://blog.mozilla.org/security/2019/02/14/why-does-mozilla-maintain-our-own-root-certificate-store/>`_ on the topic (TLDR: for security purposes).
-
-#. Select your distribution below and follow instructions:
-
-    .. tabs::
-
-        .. group-tab:: Debian/Ubuntu
-
-            #. Select the hamburger menu -> ``Settings``. Search for ``security devices`` and select ``Security Devices...``
-
-                .. figure:: /_static/images/ssl/linux/cert-trust-linux-firefox-p11kit-1.png
-                    :width: 60%
-                    :alt: Mozilla application p11kit trust #1
-
-            #. When the Device Manager dialog window opens, select ``Load``
-
-                .. figure:: /_static/images/ssl/linux/cert-trust-linux-firefox-p11kit-2.png
-                    :width: 60%
-                    :alt: Mozilla application p11kit trust #2
-
-            #. Give the Module Name a title such as "System CA Trust Module". For the Module filename, paste in ``/usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so`` and hit ``OK``
-
-                .. figure:: /_static/images/ssl/linux/cert-trust-linux-firefox-p11kit-3.png
-                    :width: 60%
-                    :alt: Mozilla application p11kit trust #3
-                
-                .. tip:: The path to p11-kit-trust.so will be slightly different if your processor's architecture is not x86_64.
-
-            #. Verify that the new module shows up on the left hand side and select ``OK`` at the bottom right:
-
-                .. figure:: /_static/images/ssl/linux/cert-trust-linux-firefox-p11kit-4.png
-                    :width: 60%
-                    :alt: Mozilla application p11kit trust #4
-
-        .. group-tab:: Arch/Garuda/CentOS/Fedora
-
-            No special steps are needed for Arch/Garuda/CentOS/Fedora. Continue below.
-
-#. Restart Firefox