This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

DigiNotar Root CA listed in about:certificate

  • 1 reply
  • 3 have this problem
  • 1 view
  • Last reply by cor-el

terriblenihilist
terriblenihilist
more options

I opened about:certificate to make sure my local O/S certs were in order and noticed the Servers tab and after opening it saw that DigiNotar Root CA was the one and only entry. I know all about the DigiNotar fiasco and how their root cert was left enabled after the NL government took over in order to prevent a bunch more problems. However, I don't understand why that cert is listed in my Servers tab and why it isn't anywhere in my Settings -> Certificates options window. I have used a couple self-signed certs in the past for localhost web server stuff where I got tired of the SSL warning over HTTP on my local domain, but otherwise only have my PGP key and haven't messed with anything otherwise. Should I be worried? This thing happened several years ago and the Root Cert I have is listed as expiring in about a year and a half.

Running Windows 11 Pro and Firefox 114.0.1 (64-bit)

I opened about:certificate to make sure my local O/S certs were in order and noticed the Servers tab and after opening it saw that DigiNotar Root CA was the one and only entry. I know all about the DigiNotar fiasco and how their root cert was left enabled after the NL government took over in order to prevent a bunch more problems. However, I don't understand why that cert is listed in my Servers tab and why it isn't anywhere in my Settings -> Certificates options window. I have used a couple self-signed certs in the past for localhost web server stuff where I got tired of the SSL warning over HTTP on my local domain, but otherwise only have my PGP key and haven't messed with anything otherwise. Should I be worried? This thing happened several years ago and the Root Cert I have is listed as expiring in about a year and a half. Running Windows 11 Pro and Firefox 114.0.1 (64-bit)
Attached screenshots

Chosen solution

This is not about the real DigiNotar certificate, but about a fake certificate that is used to make it impossible to override the blocking.

Read this answer in context 👍 2

All Replies (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Chosen Solution

This is not about the real DigiNotar certificate, but about a fake certificate that is used to make it impossible to override the blocking.