diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..25809a7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +cert9.db +key4.db +pkcs11.txt \ No newline at end of file diff --git a/README-original.md b/README-original.md new file mode 100644 index 0000000..6401dd2 --- /dev/null +++ b/README-original.md 
@@ -0,0 +1,23 @@ +b2g-certificates +================ + +A shell script to add root certificates to Firefox OS + +*The script originates at Enrico's [pending.io](http://www.pending.io/add-cacert-root-certificate-to-firefox-os/) where the discussion came up to enhance the script. The following is the initial documentation taken from that page as well. Anyone is welcome to contribute.* + +While being quite happy with my new Firefox OS phone so far, the biggest stopper for me was that, like all Mozilla products, the root certificate of [CAcert](https://www.cacert.org) was not included and so I could not access sites using certificates assured by CAcert. + +Recent versions of [Gaia](https://github.com/mozilla-b2g/gaia) allow to accept untrusted site certificates in the browser but in case you want to use an IMAP server or Caldav server which is using a CAcert assured certificate, you are still stuck. + +Based on a post by [Carmen Jiménez Cabezas](https://groups.google.com/forum/?fromgroups#!topic/mozilla.dev.b2g/B57slgVO3TU), I wrote a script to read the certificate database from the phone (via adb), add some certificates and then write the database back to the phone. After this procedure, the CAcert root certificate (or any other) are known by the phone and can be used. This enabled me to access my own IMAP server via SSL from the Email app and also use a self-hosted groupware as Caldav server for the Calendar app via HTTPS. + +How-to +------ + +Save the script somewhere on your system. + +Once done, add a new directory in the directory where you stored the script and place the certificates which you want to add to the phone's database in the sub directory 'certs'. For CAcert, this would be the class 3 root certificate in PEM format as found on the [CAcert website](https://www.cacert.org/index.php?id=3). + +Then simply run the script. 
+ +Note: before running the script you need to enable 'Remote debugging' in the Developer settings menu and connect your phone with your PC using a USB cable (or more general: get adb working). diff --git a/README.md b/README.md index 6401dd2..6b197ca 100644 --- a/README.md +++ b/README.md 
@@ -1,23 +1,32 @@ -b2g-certificates -================ +# b2g-certificates A shell script to add root certificates to Firefox OS -*The script originates at Enrico's [pending.io](http://www.pending.io/add-cacert-root-certificate-to-firefox-os/) where the discussion came up to enhance the script. The following is the initial documentation taken from that page as well. Anyone is welcome to contribute.* +[Original README](README-original.md) -While being quite happy with my new Firefox OS phone so far, the biggest stopper for me was that, like all Mozilla products, the root certificate of [CAcert](https://www.cacert.org) was not included and so I could not access sites using certificates assured by CAcert. +Linux (Debian & Ubuntu): -Recent versions of [Gaia](https://github.com/mozilla-b2g/gaia) allow to accept untrusted site certificates in the browser but in case you want to use an IMAP server or Caldav server which is using a CAcert assured certificate, you are still stuck. +```bash +sudo apt-get install libnss3-tools adb wget +git clone https://github.com/openGiraffes/b2g-certificates +cd b2g-certificates -Based on a post by [Carmen Jiménez Cabezas](https://groups.google.com/forum/?fromgroups#!topic/mozilla.dev.b2g/B57slgVO3TU), I wrote a script to read the certificate database from the phone (via adb), add some certificates and then write the database back to the phone. After this procedure, the CAcert root certificate (or any other) are known by the phone and can be used. This enabled me to access my own IMAP server via SSL from the Email app and also use a self-hosted groupware as Caldav server for the Calendar app via HTTPS. +chmod +x ./add-certificates-to-phone.sh +./add-certificates-to-phone.sh -How-to ------- +# If you are using WSL, please run this (Need to set Android Platform Tools as an environment variable) +chmod +x ./add-certificates-to-phone-wsl.sh +./add-certificates-to-phone-wsl.sh +``` -Save the script somewhere on your system. 
+Windows Batch(Testing and NSS `certutil` reported an error): -Once done, add a new directory in the directory where you stored the script and place the certificates which you want to add to the phone's database in the sub directory 'certs'. For CAcert, this would be the class 3 root certificate in PEM format as found on the [CAcert website](https://www.cacert.org/index.php?id=3). +```batch +add-certificates-to-phone.bat +``` -Then simply run the script. +NSS (Windows, 3.35.0, fron AdGuard) `certutil` reported an error: +``` +certutil.exe: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format. +``` -Note: before running the script you need to enable 'Remote debugging' in the Developer settings menu and connect your phone with your PC using a USB cable (or more general: get adb working). diff --git a/add-certificates-to-phone-wsl.sh b/add-certificates-to-phone-wsl.sh new file mode 100644 index 0000000..7dbc897 --- /dev/null +++ b/add-certificates-to-phone-wsl.sh 
@@ -0,0 +1,61 @@ +#!/bin/bash + +CERT_DIR=certs +ROOT_DIR_DB=/data/b2g/mozilla +CERT=cert9.db +KEY=key4.db +PKCS11=pkcs11.txt +DB_DIR=`adb.exe shell "ls -d ${ROOT_DIR_DB}/*.default 2>/dev/null" | sed "s/default.*$/default/g"` + +if [ "${DB_DIR}" = "" ]; then + echo "Profile directory does not exists. Please start the b2g process at +least once before running this script." + exit 1 +fi + +function log +{ + GREEN="\E[32m" + RESET="\033[00;00m" + echo -e "${GREEN}$1${RESET}" +} + +# cleanup +rm -f ./$CERT +rm -f ./$KEY +rm -f ./$PKCS11 + +# pull files from phone +log "getting ${CERT}" +adb.exe pull ${DB_DIR}/${CERT} . +log "getting ${KEY}" +adb.exe pull ${DB_DIR}/${KEY} . +log "getting ${PKCS11}" +adb.exe pull ${DB_DIR}/${PKCS11} . + +# clear password and add certificates +log "set password (hit enter twice to set an empty password)" +certutil -d 'sql:.' -N + +log "adding certificats" +for i in ${CERT_DIR}/* +do + log "Adding certificate $i" + certutil -d 'sql:.' -A -n "`basename $i`" -t "C,C,TC" -i $i +done + +# push files to phone +log "stopping b2g" +adb.exe shell stop b2g + +log "copying ${CERT}" +adb.exe push ./${CERT} ${DB_DIR}/${CERT} +log "copying ${KEY}" +adb.exe push ./${KEY} ${DB_DIR}/${KEY} +log "copying ${PKCS11}" +adb.exe push ./${PKCS11} ${DB_DIR}/${PKCS11} + +log "starting b2g" +adb.exe shell start b2g + +log "Finished." diff --git a/add-certificates-to-phone.bat b/add-certificates-to-phone.bat new file mode 100644 index 0000000..14ad2b7 --- /dev/null +++ b/add-certificates-to-phone.bat 
@@ -0,0 +1,55 @@ +@echo off +:: Set environment variable +set CERT_DIR=certs +set CERT=cert9.db +set KEY=key4.db +set PKCS11=pkcs11.txt +for /f %%i in ('adb shell "ls -d /data/b2g/mozilla/*.default 2>/dev/null" ^|^| "bin/sed.exe" "s/default.*$/default/g"') do set DB_DIR=%%i + +if DB_DIR == "" ( + echo "Profile directory does not exists. Please start the b2g process at least once before running this script." + pause +) + +:: Cleanup +del /f %CERT% +del /f %KEY% +del /f %PKCS11% + +:: Pull files from phone +@echo Getting %CERT% +adb pull %DB_DIR%/%CERT% . + +@echo Getting %KEY% +adb pull %DB_DIR%/%KEY% . + +@echo Getting %PKCS11% +adb pull %DB_DIR%/%PKCS11% . + +:: Clear password and add certificates +@echo Set password (hit enter twice to set an empty password) +"bin/nss/certutil.exe" -d 'sql:.' -N + +@echo Adding certificats +for %%i in (%CERT_DIR%/*) do ( + echo Adding certificate %%i + "bin/nss/certutil.exe" -d 'sql:.' -A -n "`basename %%i`" -t "C,C,TC" -i %CERT_DIR%/%%i +) + +:: Push files to phone +@echo Stopping B2G +adb shell stop b2g + +@echo copying %CERT% +adb push ./%CERT% %DB_DIR%/%CERT% +@echo copying %KEY% +adb push ./%KEY% %DB_DIR%/%KEY% +@echo copying %PKCS11% +adb push ./%PKCS11% %DB_DIR%/%PKCS11% + +@echo Starting B2G +adb shell start b2g + +@echo Finished. + +pause \ No newline at end of file diff --git a/bin/nss/certutil.exe b/bin/nss/certutil.exe new file mode 100644 index 0000000..76ecdd9 Binary files /dev/null and b/bin/nss/certutil.exe differ diff --git a/bin/nss/freebl3.dll b/bin/nss/freebl3.dll new file mode 100644 index 0000000..89af6f2 Binary files /dev/null and b/bin/nss/freebl3.dll differ diff --git a/bin/nss/libnspr4.dll b/bin/nss/libnspr4.dll new file mode 100644 index 0000000..d04f6b7 Binary files /dev/null and b/bin/nss/libnspr4.dll differ diff --git a/bin/nss/libplc4.dll b/bin/nss/libplc4.dll new file mode 100644 index 0000000..afec870 Binary files /dev/null and b/bin/nss/libplc4.dll differ 
diff --git a/bin/nss/libplds4.dll b/bin/nss/libplds4.dll new file mode 100644 index 0000000..23a7307 Binary files /dev/null and b/bin/nss/libplds4.dll differ diff --git a/bin/nss/nss3.dll b/bin/nss/nss3.dll new file mode 100644 index 0000000..108d751 Binary files /dev/null and b/bin/nss/nss3.dll differ diff --git a/bin/nss/nssckbi.dll b/bin/nss/nssckbi.dll new file mode 100644 index 0000000..b0b0f9c Binary files /dev/null and b/bin/nss/nssckbi.dll differ diff --git a/bin/nss/nssdbm3.dll b/bin/nss/nssdbm3.dll new file mode 100644 index 0000000..30310c3 Binary files /dev/null and b/bin/nss/nssdbm3.dll differ diff --git a/bin/nss/nssutil3.dll b/bin/nss/nssutil3.dll new file mode 100644 index 0000000..af721dc Binary files /dev/null and b/bin/nss/nssutil3.dll differ diff --git a/bin/nss/smime3.dll b/bin/nss/smime3.dll new file mode 100644 index 0000000..3fb64b6 Binary files /dev/null and b/bin/nss/smime3.dll differ diff --git a/bin/nss/softokn3.dll b/bin/nss/softokn3.dll new file mode 100644 index 0000000..32b3c27 Binary files /dev/null and b/bin/nss/softokn3.dll differ diff --git a/bin/nss/sqlite3.dll b/bin/nss/sqlite3.dll new file mode 100644 index 0000000..616f652 Binary files /dev/null and b/bin/nss/sqlite3.dll differ diff --git a/bin/sed.exe b/bin/sed.exe new file mode 100644 index 0000000..9c6ec21 Binary files /dev/null and b/bin/sed.exe differ diff --git a/certs/isrgrootx1.pem b/certs/isrgrootx1.pem new file mode 100644 index 0000000..b85c803 --- /dev/null +++ b/certs/isrgrootx1.pem 
@@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE-----
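Review bot: the README.md hunk drops the prerequisite that the original README stated (enable 'Remote debugging' in the Developer settings and get adb working over USB), and users of the new quick-start still need it, so add it back above the Linux block. Two wording points in the same hunk: "fron AdGuard" should read "from AdGuard", and the WSL comment "Need to set Android Platform Tools as an environment variable" should say what is actually required, namely that `adb.exe` is reachable on the PATH from WSL, since add-certificates-to-phone-wsl.sh calls it by that name. Since the batch path is documented here as failing with SEC_ERROR_LEGACY_DATABASE, list it as not working rather than alongside the supported scripts.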
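Review bot: add-certificates-to-phone-wsl.sh has no `set -e`, so if any `adb.exe pull` fails (wrong profile path, adb not yet authorized), `certutil -d 'sql:.' -N` creates a fresh empty database in the working directory and the push step then overwrites the phone's real cert9.db/key4.db/pkcs11.txt with it. Add `set -euo pipefail` after the shebang, check each pull, and keep a backup copy of the three pulled files so the phone can be restored; `certutil -N --empty-password` also removes the interactive prompt. Two smaller points: `ls -d ${ROOT_DIR_DB}/*.default` can match more than one profile, in which case DB_DIR holds several paths and every later command breaks, so take the first match or abort when more than one is found; and the trust string "C,C,TC" marks each file in certs/ as a trusted CA for SSL, email and object signing, which is broader than the IMAP/CalDAV use case, so consider "C,," and print the subject and fingerprint before importing (for example `openssl x509 -in "$i" -noout -subject -fingerprint -sha256`) so the user sees exactly what is being trusted. The error message should read "does not exist".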
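Review bot: several lines in add-certificates-to-phone.bat cannot work as written, and one of them is a likely cause of the certutil error reported in the README. `if DB_DIR == "" (` compares the literal text DB_DIR with `""`; it needs `if "%DB_DIR%"=="" (` and an `exit /b 1` after the `pause`, otherwise the script continues with an empty DB_DIR and pulls from `/cert9.db`. In the `for /f` command, `^|^|` is an escaped `||` (run sed only if adb fails), not a pipe; a single `^|` is needed. cmd passes single quotes through literally, so `-d 'sql:.'` makes certutil open a directory named `'sql:.'` rather than the SQL-format database in the current directory, which is consistent with the SEC_ERROR_LEGACY_DATABASE message in the README; use `-d "sql:."` in both certutil calls. Backticks are not command substitution in batch, so every certificate gets the literal nickname `` `basename file` ``; use `-n "%%~ni"` for the nickname and `-i "%%~fi"` for the input path, which also avoids the doubled directory in `%CERT_DIR%/%%i` when the `for %%i in (%CERT_DIR%/*)` item already carries the `certs` prefix.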
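Review bot: the bin/nss/certutil.exe hunk, and the nss DLL and bin/sed.exe hunks that follow it, vendor Windows binaries whose only stated provenance is the README's "NSS (Windows, 3.35.0, fron AdGuard)". Anyone running add-certificates-to-phone.bat executes these with full access to the pulled key database, and a binary diff cannot be reviewed, so either drop the binaries and document a download from the upstream NSS project, or record in the README the exact source URL and a SHA-256 checksum for each file (placeholders until they are computed) so a reviewer can verify them.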
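Review bot: certs/isrgrootx1.pem is committed without a mention in either README, and both scripts import every file in certs/ with CA trust, so everyone who clones the repository and runs the script will trust this root without having chosen it. The README still describes certs/ as a directory the user populates, so either leave it empty in the repository or state what the file is (the PEM's subject names ISRG Root X1, Internet Security Research Group) and its SHA-256 fingerprint as published by the issuer, and tell users to compare the fingerprint of any file they place in certs/ against the issuer's published value before running the script.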