Site certificate won't stay deleted
I'm on Firefox 70.0.1 on macOS Mojave 10.14.6, admin user. My problem is that I have an old cert for a site and a new one, and every time I try to delete the old one, it just comes right back. Any ideas for how to make it stay deleted?
Chosen solution
Is this about an intermediate certificate that is part of a certificate chain?
You can try to close (Quit) and restart Firefox after deleting this certificate ? You may have to repeat this.
If this doesn't help then delete cert9.db and possibly cert8.db in the profile folder with Firefox closed. Note that this will remove all intermediate certificates that Firefox has cached from visiting websites, so you may have a problem with servers that do not send a complete certificate chain.
You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.
- Help -> Troubleshooting Information -> Profile Directory/Folder:
Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder - https://support.mozilla.org/en-US/kb/Profiles
All Replies (2)
Chosen Solution
Is this about an intermediate certificate that is part of a certificate chain?
You can try to close (Quit) and restart Firefox after deleting this certificate ? You may have to repeat this.
If this doesn't help then delete cert9.db and possibly cert8.db in the profile folder with Firefox closed. Note that this will remove all intermediate certificates that Firefox has cached from visiting websites, so you may have a problem with servers that do not send a complete certificate chain.
You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.
- Help -> Troubleshooting Information -> Profile Directory/Folder:
Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder - https://support.mozilla.org/en-US/kb/Profiles
I have run into this issue, and have a guess at the cause. I expire my client certificates every 90 days. If I install the renewed certificate before uninstalling the expired one, Firefox runs into this stupidity where it simply will not delete either one (and it always defaults to selecting the expired one, so I have to remember to change the selection every time I load the secured site) and I have to resort to the brute-force deletion of cert9.db. Make sure to delete any old certificates for the same DN before installing a new one.
Modified