This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why does cert9.db continually get corrupted?

  • 4 replies
  • 1 has this problem
  • 12 views
  • Last reply by M

more options

Hi,

Almost daily, I have to delete cert9.db and restart Firefox, otherwise I can't access some websites, or even web interfaces of local devices on our LAN.

security.enterprise_roots.enabled is greyed out, so I can't change that but it is set to "true", which I believe means that it should be using Windows Cert store and not cert9.db. Yet still, deleting cert9.db is the solution to my issues.

Can anyone advise on what I can do for a more permanent fix?

Thanks,

M

Hi, Almost daily, I have to delete cert9.db and restart Firefox, otherwise I can't access some websites, or even web interfaces of local devices on our LAN. security.enterprise_roots.enabled is greyed out, so I can't change that but it is set to "true", which I believe means that it should be using Windows Cert store and not cert9.db. Yet still, deleting cert9.db is the solution to my issues. Can anyone advise on what I can do for a more permanent fix? Thanks, M

All Replies (4)

more options

If security.enterprise_roots.enabled is locked to true then this can mean that you have security software that want to inject its root certificate in Firefox to be able to intercept your internet traffic. It is possible that this isn't working properly.

You can check the about:policies page (63+) to see if policies are active and if errors are reported.

more options

Hi cor-el,

Thank you. I've checked this and it is inactive.

M

more options

A pref like security.enterprise_roots.enabled being greyed out can only be caused by an active policy or via an autoconfig.cfg file that has locked this pref. You might also notice a "Your browser is being managed by your organization" line at the top of the Settings page.

more options

Hi all,

Still getting this issue and I'm at the point of switching back to Chrome to be honest. It's just now usable in the current state. I need to login to many devices that only have their own self signed certificate and need a "manual trust", which is where it all goes wrong.

@cor-tel, I didn't really understand what you were trying to convey. This browser is not managed by my organisation, thoug the setting could be greyed out by security software as I understand it.

I've tried a reinstall of Firefox as well as a reset of Firefox. Still the issue persists.

Does anyone have any further suggestions? Note for reference that security.enterprise_roots.enabled appears to show that certificates are managed by Windows, despite it being greyed out. The reality seems to be different though.

Thanks,

M