This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox add-ons disabled because Mozilla certificate untrusted

  • 3 cavab
  • 33 have this problem
  • 4 views
  • Last reply by Bwanap

more options

The Firefox 6 add-ons manager is broken due to an untrusted certificates from Mozilla. This started with the 6.0 download, continued with 6.0.1 update, and continues even after deleting and reinstalling Firefox.

Symptom: displaying to the "Get Add-Ons" page produces a blank list asking "What are add-ons?", and saying all sorts of cool stuff will be listed if I was connected to the internet. The other tabs (appearances, extensions, plug-ins) display correct lists with several items each.

Symptom: Navigating 6.0.1 to addons.mozilla.org/en-US/firefox/ produces a text-only display and gives random warning the certificates are not trusted because the issuer is not trusted. The warning does *NOT* give the option to confirm the security certificate. >>> Displaying to the exact same page in Safari loads with pictures and gives no security warnings. <<<

Minimum fix requested: Need to find/install valid Firefox certificates so Firefox will trust Firefox to install Firefox add-ons coming from the Firefox website.

Even better fix requested: How to nuke the entire certificate list and start over with Mozilla's default list for new installs. What would be a good (minimum) list of trust certificates, and where to get them?

The Firefox 6 add-ons manager is broken due to an untrusted certificates from Mozilla. This started with the 6.0 download, continued with 6.0.1 update, and continues even after deleting and reinstalling Firefox. Symptom: displaying to the "Get Add-Ons" page produces a blank list asking "What are add-ons?", and saying all sorts of cool stuff will be listed if I was connected to the internet. The other tabs (appearances, extensions, plug-ins) display correct lists with several items each. Symptom: Navigating 6.0.1 to addons.mozilla.org/en-US/firefox/ produces a text-only display and gives random warning the certificates are not trusted because the issuer is not trusted. The warning does *NOT* give the option to confirm the security certificate. >>> Displaying to the exact same page in Safari loads with pictures and gives no security warnings. <<< Minimum fix requested: Need to find/install valid Firefox certificates so Firefox will trust Firefox to install Firefox add-ons coming from the Firefox website. Even better fix requested: How to nuke the entire certificate list and start over with Mozilla's default list for new installs. What would be a good (minimum) list of trust certificates, and where to get them?

All Replies (3)

more options

More info: the Firefox add-on certificate was not trusted because it was issued by an untrusted source. The untrusted source was VeriCert. Their certificates were listed in Firefox (advanced -> certificates), but deleting them had no effect. Restart Firefox and these deleted/untrusted certificates would magically reappear... multiple times. In fact. deleting *any* of the apparently useless certificates (ones from Turkey, Brazil, Germany, etc, and other places I will not be visiting any time soon) resulting in their immediate replacement.

Wonderful... 6.0.1 has zombie security certificates.

Minimum fix - install the 6.0.2 update. Imagine that. VeriCert is not listed any more but ValiCert is. And Firefox add-ons are working.

more options

You can't remove build-in root certificates (Builtin Object Token). You can edit the certificate and remove the trust bits. That will make it no longer possible for them to be used as a root certificate.

The addons.mozilla.org uses a certificate issued by "VeriSign Class 3 Extended Validation SSL CA"
If you see something else then check that you aren't using a proxy or have security software (firewall) that intercept secure connections and send their own certificate.

more options

I have version 8.0 and this is still happening with Mozilla sites, how does htis make any sense?