This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Site certificate won't stay deleted

  • 2 replies
  • 1 has this problem
  • 45 views
  • Last reply by petteyg359

more options

I'm on Firefox 70.0.1 on macOS Mojave 10.14.6, admin user. My problem is that I have an old cert for a site and a new one, and every time I try to delete the old one, it just comes right back. Any ideas for how to make it stay deleted?

I'm on Firefox 70.0.1 on macOS Mojave 10.14.6, admin user. My problem is that I have an old cert for a site and a new one, and every time I try to delete the old one, it just comes right back. Any ideas for how to make it stay deleted?

Chosen solution

Is this about an intermediate certificate that is part of a certificate chain?

You can try to close (Quit) and restart Firefox after deleting this certificate ? You may have to repeat this.

If this doesn't help then delete cert9.db and possibly cert8.db in the profile folder with Firefox closed. Note that this will remove all intermediate certificates that Firefox has cached from visiting websites, so you may have a problem with servers that do not send a complete certificate chain.

You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.

Read this answer in context 👍 1

All Replies (2)

more options

Chosen Solution

Is this about an intermediate certificate that is part of a certificate chain?

You can try to close (Quit) and restart Firefox after deleting this certificate ? You may have to repeat this.

If this doesn't help then delete cert9.db and possibly cert8.db in the profile folder with Firefox closed. Note that this will remove all intermediate certificates that Firefox has cached from visiting websites, so you may have a problem with servers that do not send a complete certificate chain.

You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.

more options

I have run into this issue, and have a guess at the cause. I expire my client certificates every 90 days. If I install the renewed certificate before uninstalling the expired one, Firefox runs into this stupidity where it simply will not delete either one (and it always defaults to selecting the expired one, so I have to remember to change the selection every time I load the secured site) and I have to resort to the brute-force deletion of cert9.db. Make sure to delete any old certificates for the same DN before installing a new one.

Modified by petteyg359