This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

DigiNotar still among trusted CAs!?

  • 1 reply
  • 3 have this problem
  • 3 views
  • Last reply by cor-el

more options

I just happened to have a look at the list of digital certificates and was surprised to see DigiNotar among the trusted-for-ever entries.

To refresh the reader's memory: there was a nasty case of sloppy routine a year or two ago, resulting in an intrusion and fake certificates, followed by the chemspill release to weed out anything remotely smelling of DigiNotar.

Looks like we are friends again - or is there something fishy with my environment?

TiA

smo

I just happened to have a look at the list of digital certificates and was surprised to see DigiNotar among the trusted-for-ever entries. To refresh the reader's memory: there was a nasty case of sloppy routine a year or two ago, resulting in an intrusion and fake certificates, followed by the chemspill release to weed out anything remotely smelling of DigiNotar. Looks like we are friends again - or is there something fishy with my environment? TiA smo

All Replies (1)

more options

There shouldn't be any DigiNotar certificates present under the Authorities tab in the Certificate Manager, but there should be permanent block entries under the Servers tab.

  • Tools > Options > Advanced : Encryption: Certificates - View Certificates

Select a DigiNotar certificate in the Certificate Manager > Servers.

  • Click the "Edit Trust" button to verify that the certificate is not trusted and "Do not trust the authenticity of this certificate" is selected.