- Clone https://github.com/angelyordanov/signTextJS
- Run
travis/osx..install
script or open it and run the steps manually - Run
travis/osx..script
- If all goes well you'll have a
signtextjs_plus-0.0.0-macos.dmg
in the repo root
-
-
Save angelyordanov/c89409dc565e3d92c1fc361222dff465 to your computer and use it in GitHub Desktop.
-
Install Gemalto drivers. Open https://www.b-trust.bg/services/signature-installation, enter your email and install just the Gemalto drivers (the one behind the MacOS link).
-
Install firefox 68 ESR and disable auto updates (source)
-
Mount
Firefox 68.12.0esr.dmg
and copyFirefox.app
to/Applications
renamed asFirefox 68 ESR
-
Remove quarantine set by macOS.
xattr -r -d com.apple.quarantine Firefox\ 68\ ESR.app
If you see an error on startup that says:
Firefox is damaged and can’t be opened. You should move it to the Trash.
. This means that you did not run this command. -
Deploy policies.json with auto updates disabled
cd Firefox\ 68\ ESR.app/Contents/Resources mkdir distribution cd distribution tee policies.json << EOF { "policies": { "AppAutoUpdate": false } } EOF
-
-
Add the following root certificates to the firefox chain.
-
B-Trust Root Qualified CA
-
B-Trust Operational Qualified CA
-
B-Trust Root Advanced CA
-
B-Trust Operational Advanced CA
-
The "Advanced" certificates are only required if you want to use the https://test.b-trust.org and not get a SSL error
Option 1: Open B-Trust certification chains page in firefox and install the certificates by clicking on the PEM link and adding all checkboxes in the dialog that FF shows.
Option 2:
1. Set firefox to use the keychain root certs by settingsecurity.enterprise_roots.enabled
totrue
inabout:config
2. Open B-Trust certification chains page and download the certificates by clicking on the DER link
3. Add them to the keychain by double clicking on each
4. OpenKeychain Access
, find the certificates and move them toSystem
5. Open each certificate inKeychain Access
and setAlways Trust
on all fieldsNote: Only option 1 seems to work, as option 2 gives the error
error:internalError
. Probably manually trusting the root certificate authorities inside FirefoxView Certificates...
will work but has not been tested. See this issue for details jasp00/signTextJS#29 (comment) (translation) -
-
Install the https://addons.mozilla.org/bg/firefox/addon/signtextjs-plus/ extension to firefox
-
Install signtextjs' native backend
- Make sure you have a folder
/Library/Application Support/Mozilla/NativeMessagingHosts/
(check the correct name in here) - Open the
signtextjs_plus-0.0.0-macos.dmg
created with the build_signTextJS.md (or one downloaded from https://github.com/jasp00/signTextJS/releases) - Move the two files
signtextjs_plus.app
andsigntextjs_plus.json
in theNativeMessagingHosts
folder that should be symlinked in the DMG
- Make sure you have a folder
-
Load the
Gemalto PKSC#11 Module
in Firefox- In
Preferences
openSecurity Devices
(at the bottom of the page) - Press
Load
and enterGemalto PKSC#11 Module
as the module name and/Library/Gemalto/libidprimepkcs11.dylib
as the module filename - Close the device manager and verify your smart card by opening
View Certificates...
and selecting the tabYour Certificates
- In
-
Verify signtext js installation by downloading locally https://raw.githubusercontent.com/jasp00/signTextJS/master/test/html/test.html and opening it in Firefox
-
Thank me later :)
-
Install Gemalto drivers. Open https://www.b-trust.bg/services/signature-installation, enter your email, download the installer and unarchive it wit 7zip, install just the Gemalto drivers.
-
Install firefox 78 ESR and disable automatic updates by placing the following policies.json in folder
distribution
next to where the firefox EXE is.C:\Program Files\Mozilla Firefox\distribution\policies.json { "policies": { "AppAutoUpdate": false } }
-
Add the following root certificates to the firefox chain.
-
B-Trust Root Qualified CA
-
B-Trust Operational Qualified CA
-
B-Trust Root Advanced CA
-
B-Trust Operational Advanced CA
-
The "Advanced" certificates are only required if you want to use the https://test.b-trust.org and not get a SSL error
Open B-Trust certification chains page in firefox and install the certificates by clicking on the PEM link and adding all checkboxes in the dialog that FF shows.
-
-
Install the https://addons.mozilla.org/bg/firefox/addon/signtextjs-plus/ extension to firefox
-
Install signtextjs' native backend vy downloading the latest release from the github page https://github.com/jasp00/signTextJS
-
Load the
Gemalto PKSC#11 Module
in Firefox- In
Preferences
openSecurity Devices
(at the bottom of the page) - Press
Load
and enterGemalto PKSC#11 Module
as the module name and/Library/Gemalto/libidprimepkcs11.dylib
as the module filename - Close the device manager and verify your smart card by opening
View Certificates...
and selecting the tabYour Certificates
- In
-
Verify signtext js installation by downloading locally https://raw.githubusercontent.com/jasp00/signTextJS/master/test/html/test.html and opening it in Firefox
Хвала тебе, Ангеле! F*ck you, B-trust!
Take my internet points, bro. Thanks
For mac computers with Apple silicon (M1), take a look on https://doncho.net/2021/09/nastroika-macbook-m1-macos-big-sur-b-trust-nap-pdf/comment-page-1/
Amazing! Thanks a ton!