keytool -keystore "C:\Documents and Settings\Stuart Thiel\Application Data\Sun\Java\Deployment\security\trusted.certs" -storepass "" -importcert -file stu.crt -noprompt
Where stu.crt is the cert exported from an accepted thing. We'll probably want to run this every time, in case it gets removed. Running it where a cert is already there gets a message that it's a duplicate and no import happens, so we can ignore it. If it's not in the right location, we'll get a message that the keystore isn't there, and we'll probably just ignore that and the user will have to accept certificates normally. Also, if the user has wisely password protected their keystore (which is not default behavior, as far as I can tell), then it'll not let us do the import.
We can build and execute the commandline thing from within firefox, I believe. nsICommandLineRunner maybe? Maybe nsILocalFile.launch()?
