This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to decipher info on certificate exception

  • 4 odgovori
  • 5 ima ovaj problem
  • 37 views
  • Posljednji odgovor poslao FoxyFirey

more options

I'm using Firefox 8 on Windows 7 Professional 64-bit.

I was browsing qriocity.com and was presented with a notification that the credentials didn't match (something to that effect). I chose the option to add an exception, thinking that I can easily find and remove the exception. After much googling, I found that the likely way to do this is to got to Tools->Options->Advanced-Encryption->ViewCertificates. The only tabs that are not empty are the Servers and Authorities tabs. In the Servers tab, I found an entry under "Comodo CA Limited" that looked related to the qriocity site:

  Certificate Name: *.support.sonyentertainmentnetwork.com
  Server: qriocity-en-us.custhelp.com:443

Without any other information, I would decide to delete this entry. However, I was wondering if these are in fact certificate *exceptions* that I am looking at. As well, knowing *when* the exception was added would eliminate any doubt that it is the exception I added just now. Is there a way to show the date added? Such a field doesn't seem to exist when I click on "View...".

On a separate but related matter, I was also looking for something relevant in the Authorities tab. Are these all authorities that I added, possibly implicitly and unknowningly? Is there a way (and is it wise) to reduce this list to what it would be for a virgin installation of Firefox?

I'm using Firefox 8 on Windows 7 Professional 64-bit. I was browsing qriocity.com and was presented with a notification that the credentials didn't match (something to that effect). I chose the option to add an exception, thinking that I can easily find and remove the exception. After much googling, I found that the likely way to do this is to got to Tools->Options->Advanced-Encryption->ViewCertificates. The only tabs that are not empty are the Servers and Authorities tabs. In the Servers tab, I found an entry under "Comodo CA Limited" that looked related to the qriocity site: Certificate Name: *.support.sonyentertainmentnetwork.com Server: qriocity-en-us.custhelp.com:443 Without any other information, I would decide to delete this entry. However, I was wondering if these are in fact certificate *exceptions* that I am looking at. As well, knowing *when* the exception was added would eliminate any doubt that it is the exception I added just now. Is there a way to show the date added? Such a field doesn't seem to exist when I click on "View...". On a separate but related matter, I was also looking for something relevant in the Authorities tab. Are these all authorities that I added, possibly implicitly and unknowningly? Is there a way (and is it wise) to reduce this list to what it would be for a virgin installation of Firefox?

Izmjenjeno od strane FoxyFirey

Izabrano rješenje

Entries that you see on the Server tab are permanent exceptions that you've accepted and those are stored in the file cert_override.txt in the profile folder.

Entries on the Authorites tabs are either build-in root certificates or intermediate certificates that Firefox automatically stores.

  • Build-in root certificates show as "Builtin Object Token" on the Authorities tab in the Certificate Manager.
  • Stored intermediate certificates show as "Software Security device".
Pročitajte ovaj odgovor sa objašnjenjem 👍 2

All Replies (4)

more options

Odabrano rješenje

Entries that you see on the Server tab are permanent exceptions that you've accepted and those are stored in the file cert_override.txt in the profile folder.

Entries on the Authorites tabs are either build-in root certificates or intermediate certificates that Firefox automatically stores.

  • Build-in root certificates show as "Builtin Object Token" on the Authorities tab in the Certificate Manager.
  • Stored intermediate certificates show as "Software Security device".
more options

Hello, cor-el,

I looked in cert_override.txt to see if contains the date of added exceptions. The file is dated approximately in the time I was looking at the Server tab entries (and I did in fact delete the relevant looking entry). However it is empty with the exception of the following comment-looking lines:

# PSM Certificate Override Settings file
# This is a generated file!  Do not edit.

The file remained empty even when I exited Firefox. However, when I restarted Firefox and checked the Server tab, and it is certainly not empty. There are 10 entries under "The USERTRUST Network".

So I was wondering if cert_override.txt is suppose to be a complete copy of all of the contents of the Server tab?

Furthermore, is there a way to determine when the Server tab entries were added?

Izmjenjeno od strane FoxyFirey

more options

The certificates may be stored in cert8.db along with the other intermediate certificates if the cert_override.txt file is empty.

more options

Oh. Not text. OK. Thanks.