mozilla / policy-templates

Policy Templates for Firefox
Mozilla Public License 2.0

Cannot load security device #445

Closed zim333 closed 4 years ago

zim333 commented 4 years ago

Hello, I am trying to load a security device in Firefox with GPO but it doesn't work. This is my configuration:

We deployed an MSI called "Cryptolib CPS" (https://esante.gouv.fr/services/espace-cps/telechargements-libres/cryptolib-cps-windows)

A security device must be loaded in Firefox, so I have configured a GPO to load the PKCS#11 file.

On the client computer, I have the correct key in the registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\SecurityDevices]
"CPS"=hex(2):43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,\
  53,00,79,00,73,00,57,00,4f,00,57,00,36,00,34,00,5c,00,63,00,70,00,73,00,33,\
  00,5f,00,70,00,6b,00,63,00,73,00,31,00,31,00,5f,00,77,00,33,00,32,00,2e,00,\
  64,00,6c,00,6c,00,00,00

Unfortunately, the device is not loaded "automatically". Additionally, when I try to load it "manually" via the menu, it works.

Best regards, Lulzim KELMENI

mkaply commented 4 years ago

Do you have it as a string? I'm not sure why you posted as Hex. Should be:

https://github.com/mozilla/policy-templates/blob/master/README.md#securitydevices

zim333 commented 4 years ago

Hello Mike, Yes, I have it as a string in the registry like this:

NAME  TYPE           Value
CPS   reg_expand_sz  C:\Windows\SysWOW64\cps3_pkcs11_w32.dll

I posted the hex value in my original post because this is what it looks like when you "export" the registry key to a reg file.

Best regards.

zim333 commented 4 years ago

registry

zim333 commented 4 years ago

cps3_pkcs11_w32.zip

This is the zipped DLL I am trying to load as a security module. It works "manually" but not via GPO.

mkaply commented 4 years ago

I'm still debugging the "why" but it appears that somehow the new REG_EXPAND_SZ is not working on the ESR (even though the code should be there).

If you need this immediately, my suggestion would be to go back to the previous version of the ADM template - https://github.com/mozilla/policy-templates/releases/tag/v1.8.2

I'm actively investigating this and hope to have a definitive answer soon.

mkaply commented 4 years ago

Actually, I see the problem.

You should be using these templates:

https://github.com/mozilla/policy-templates/releases/tag/v1.7

This is the last version that works with Firefox 60.

The current templates aren't supported on 60 because of the change to EXPAND_SZ and MULTI_SZ.

zim333 commented 4 years ago

Hello Mike, it works perfectly with version 1.7 of the policy templates. I will stay with this version until we jump to Firefox 68.x ESR. Thank you!
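Added example, not part of the original thread or of the policy-templates project: a small parser that decodes the `hex(2)` export quoted in the first post, reports the value type, and lists the values whose type is not supported on Firefox 60 according to the thread. It assumes the .reg text has already been decoded to a Python string (regedit writes UTF-16 files); the `CPS_SZ` value is constructed for comparison and its name is hypothetical.

```python
import re

# Type codes regedit writes in a .reg export: hex(2) and hex(7).
REG_TYPES = {"2": "REG_EXPAND_SZ", "7": "REG_MULTI_SZ"}
# Per the thread, templates using these types are not supported on Firefox 60.
UNSUPPORTED_ON_60 = {"REG_EXPAND_SZ", "REG_MULTI_SZ"}

# First value: the export quoted in the issue. Second value: constructed
# REG_SZ form of the same path under a hypothetical name, for comparison.
SAMPLE_EXPORT = r'''[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\SecurityDevices]
"CPS"=hex(2):43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,\
  53,00,79,00,73,00,57,00,4f,00,57,00,36,00,34,00,5c,00,63,00,70,00,73,00,33,\
  00,5f,00,70,00,6b,00,63,00,73,00,31,00,31,00,5f,00,77,00,33,00,32,00,2e,00,\
  64,00,6c,00,6c,00,00,00
"CPS_SZ"="C:\\Windows\\SysWOW64\\cps3_pkcs11_w32.dll"
'''

def parse_reg_values(text):
    """Return {name: (type, value)} for the string-like values in a .reg export."""
    # A trailing backslash continues a hex list on the next line.
    text = re.sub(r"\\[ \t]*\r?\n[ \t]*", "", text)
    values = {}
    for line in text.splitlines():
        m = re.match(r'\s*"([^"]+)"=(.*)$', line)
        if not m:
            continue  # key headers and blank lines
        name, raw = m.group(1), m.group(2).strip()
        hx = re.match(r"hex\((\w+)\):(.*)$", raw)
        if hx and hx.group(1) in REG_TYPES:
            data = bytes(int(b, 16) for b in hx.group(2).split(",") if b.strip())
            # String types are stored as NUL-terminated UTF-16LE.
            text_value = data.decode("utf-16-le").rstrip("\x00")
            if hx.group(1) == "7":
                text_value = text_value.split("\x00")
            values[name] = (REG_TYPES[hx.group(1)], text_value)
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            # Plain REG_SZ: undo the \\ and \" escaping regedit applies.
            values[name] = ("REG_SZ", re.sub(r"\\(.)", r"\1", raw[1:-1]))
    return values

def unsupported_on_firefox_60(values):
    """Names of values whose type is not supported on Firefox 60, per the thread."""
    return sorted(n for n, (t, _) in values.items() if t in UNSUPPORTED_ON_60)

if __name__ == "__main__":
    parsed = parse_reg_values(SAMPLE_EXPORT)
    for name, (reg_type, value) in parsed.items():
        print(f"{name}: {reg_type} -> {value}")
    print("not supported on Firefox 60:", unsupported_on_firefox_60(parsed))
```

Decoding the export this way also confirms which DLL path a SecurityDevices policy will ask Firefox to load, which is worth checking before the GPO is rolled out.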