Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

ca-certificate expired, but I do trust the website

  • 3 replies
  • 9 have this problem
  • 3 views
  • Last reply by christ1

more options

My internet-router uses a certificate which has expired. So I cannot access the admin-interface of the router.

Is there any chance to tell Firefox to accept this certifate?

My internet-router uses a certificate which has expired. So I cannot access the admin-interface of the router. Is there any chance to tell Firefox to accept this certifate?

All Replies (3)

more options

Did you try to contact the maker of the modem to see if there is an update available?

Did you previously made an extension to make Firefox accept the certificate?

Can you currently make an extension via "I Understand the Risks" or is that not working because of the new PKIX library that current releases use?

You can try to rename the cert8.db file (cert8.db.old) and delete the cert_override.txt file in the Firefox profile folder to remove intermediate certificates and exceptions that Firefox has stored.

If that has helped to solve the problem then you can remove the renamed cert8.db.old file. Otherwise you can rename (or copy) the cert8.db.old file to cert8.db to restore the previously stored intermediate certificates. Firefox will automatically store intermediate certificates when you visit websites that send such a certificate.

If that didn't help then remove or rename secmod.db (secmod.db.old) as well.

more options

I renamed both files (cer8.db, secmod.db) and deleted cert-override.txt Still, the only option shown is "Try again". It isn't possible to accept the risk, as it was in former versions of Firefox.

I am using another browser to configure my router as long as FF gives me no chance to.

more options

It isn't possible to accept the risk, as it was in former versions of Firefox.

The behavior hasn't changed compared to former versions of FF. There are scenario's where FF offers to create a security exception. An expired cert is none of them.

There is possibly an about:config pref to override that behavior, but I'd strongly advise not to mess with this.

I am using another browser to configure my router as long as FF gives me no chance to.

If another browser accepts an expired cert, that's reason enough not to use it.

Modified by christ1