Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Learn More

Toś ta nitka jo se archiwěrowała. Pšosym stajśo nowe pšašanje, joli trjebaśo pomoc.

Firefox add-ons disabled because Mozilla certificate untrusted

  • 3 wótegrona
  • 33 ma toś ten problem
  • 4 naglědy
  • Slědne wótegrono wót Bwanap

TVNS
TVNS
more options

The Firefox 6 add-ons manager is broken due to an untrusted certificates from Mozilla. This started with the 6.0 download, continued with 6.0.1 update, and continues even after deleting and reinstalling Firefox.

Symptom: displaying to the "Get Add-Ons" page produces a blank list asking "What are add-ons?", and saying all sorts of cool stuff will be listed if I was connected to the internet. The other tabs (appearances, extensions, plug-ins) display correct lists with several items each.

Symptom: Navigating 6.0.1 to addons.mozilla.org/en-US/firefox/ produces a text-only display and gives random warning the certificates are not trusted because the issuer is not trusted. The warning does *NOT* give the option to confirm the security certificate. >>> Displaying to the exact same page in Safari loads with pictures and gives no security warnings. <<<

Minimum fix requested: Need to find/install valid Firefox certificates so Firefox will trust Firefox to install Firefox add-ons coming from the Firefox website.

Even better fix requested: How to nuke the entire certificate list and start over with Mozilla's default list for new installs. What would be a good (minimum) list of trust certificates, and where to get them?

The Firefox 6 add-ons manager is broken due to an untrusted certificates from Mozilla. This started with the 6.0 download, continued with 6.0.1 update, and continues even after deleting and reinstalling Firefox. Symptom: displaying to the "Get Add-Ons" page produces a blank list asking "What are add-ons?", and saying all sorts of cool stuff will be listed if I was connected to the internet. The other tabs (appearances, extensions, plug-ins) display correct lists with several items each. Symptom: Navigating 6.0.1 to addons.mozilla.org/en-US/firefox/ produces a text-only display and gives random warning the certificates are not trusted because the issuer is not trusted. The warning does *NOT* give the option to confirm the security certificate. >>> Displaying to the exact same page in Safari loads with pictures and gives no security warnings. <<< Minimum fix requested: Need to find/install valid Firefox certificates so Firefox will trust Firefox to install Firefox add-ons coming from the Firefox website. Even better fix requested: How to nuke the entire certificate list and start over with Mozilla's default list for new installs. What would be a good (minimum) list of trust certificates, and where to get them?

Wšykne wótegrona (3)

TVNS
TVNS Pšašaŕ
more options

More info: the Firefox add-on certificate was not trusted because it was issued by an untrusted source. The untrusted source was VeriCert. Their certificates were listed in Firefox (advanced -> certificates), but deleting them had no effect. Restart Firefox and these deleted/untrusted certificates would magically reappear... multiple times. In fact. deleting *any* of the apparently useless certificates (ones from Turkey, Brazil, Germany, etc, and other places I will not be visiting any time soon) resulting in their immediate replacement.

Wonderful... 6.0.1 has zombie security certificates.

Minimum fix - install the 6.0.2 update. Imagine that. VeriCert is not listed any more but ValiCert is. And Firefox add-ons are working.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can't remove build-in root certificates (Builtin Object Token). You can edit the certificate and remove the trust bits. That will make it no longer possible for them to be used as a root certificate.

The addons.mozilla.org uses a certificate issued by "VeriSign Class 3 Extended Validation SSL CA"
If you see something else then check that you aren't using a proxy or have security software (firewall) that intercept secure connections and send their own certificate.

Bwanap
Bwanap
more options

I have version 8.0 and this is still happening with Mozilla sites, how does htis make any sense?