After installation, Kaspersky Endpoint Security adds a Kaspersky certificate to the system storage for trusted certificates (Windows certificate store). By default, Firefox and Thunderbird use their own proprietary Mozilla certificate store instead of the Windows certificate store. If Kaspersky Security Center is deployed in your organization and a policy is being applied to a computer, Kaspersky Endpoint Security automatically enables use of the Windows certificate store in Firefox and Thunderbird to scan the traffic of these applications. If a policy is not being applied to the computer, you can choose the certificate storage that will be used by Mozilla applications. If you selected the Mozilla certificate store, manually add a Kaspersky certificate to it. This will help avoid errors when working with HTTPS traffic.
To scan traffic in the Mozilla Firefox browser and the Thunderbird mail client, you must enable the Encrypted Connections Scan. If Encrypted Connections Scan is disabled, Kaspersky Endpoint Security does not scan traffic in the Mozilla Firefox browser and Thunderbird mail client.
Prior to adding a certificate to the Mozilla store, export the Kaspersky certificate from the Windows Control Panel (browser properties). For details about exporting the Kaspersky certificate, please refer to the Technical Support Knowledge Base. For details about adding a certificate to storage, visit the Mozilla technical support website.
You can choose the certificate store only in the local interface of the application.
To choose a certificate store for scanning encrypted connections in Firefox and Thunderbird: