Setting up Firefox

sslhappy-ca | dovecot-clientcert | thunderbird | apache-clientcert | firefox

Setup

    system style
    general/ X ctrl-tab cycles through
    home/ custom url
    search/ google
    search/ X search suggestions

Add-ons

• Adblock Plus
• uBlock Origin
• NoScript
• Facebook Container
• Download Manager

Tuning

prevent last tab to close it all

…

prevent search text highlights

draft

In mozilla firefox: https://www.arungudelli.com/tutorial/css/disable-text-selection-in-html-using-user-select-css-property/#in-mozilla-firefox

Enabling the client certificate

on the workstation as user

Convert the separated .crt and .key files to a single PKCS12 certificate for Firefox.

openssl pkcs12 -export -in lenovo.example.local.crt -inkey lenovo.example.local.key -out lenovo.example.local.p12 -CAfile /etc/ssl/cacert.pem
chmod 400 lenovo.example.local.p12
ls -lhF lenovo.example.local.*

The -chain argument was not used because we have a simple chain of trust: one CA and one client cert that are directly linked.

We used the same export password for the PCKCS12 certificate as for the passphrase of the private key.

Importing the .p12 file into Firefox

Edit > Preferences
Advanced // View Certificates // Your Certificates
Import...
(provide unlock/export password)

Then when trying to access the page again with our Firefox browser, the user will be prompted on what certificate to provide to the server:

and the page displays fine when selecting the previously imported certificate.

Bypassing national restrictions

Install friGate3 add-on on your web browser (tested with Firefox), add the target domain into List of sites e.g.,

rutracker.org

and edit the Proxy Servers e.g. to access https://thepiratebay.org/ from France,

https://ru-92-53-1.friproxy0.biz:443 [RU]
https://ru-85-60-1.friproxy0.eu:443 [RU]
https://ru-82-204-3.friproxy.eu:443 [RU]
https://ru-93-78-1.fri-gate.biz:443 [RU]
https://ru-93-78-3.fri-gate0.eu:443 [RU]
https://ru-92-53-5.friproxy.biz:443 [RU]
https://ru-85-60-5.fri-gate.biz:443 [RU]
https://ru-85-60-3.fri-gate0.biz:443 [RU]
https://ru-92-53-3.fri-gate.biz:443 [RU]
https://ru-93-78-5.fri-gate0.org:443 [RU]
https://ru-82-204-1.fri-gate0.eu:443 [RU]
https://ru-82-204-5.fri-gate0.org:443 [RU]

or access http://rutracker.org from Russia,

https://fr-220-163-3.fri-gate0.eu:443 [FR]
https://uk-170-185-1.fri-gate0.org:443 [UK]
https://fl-170-185-1.fri-gate.biz:443 [FL]
https://fr-221-177-1.friproxy0.eu:443 [FR]

Java

see java-web

Alternate browser

Opera settings

hide side bar
small font

P11-KIT

see mozilla-p11

Resources

add-ons

https://addons.mozilla.org/en-US/firefox/addon/noscript/

npapi

NPAPI Plugins in Firefox https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/