Join the Mozilla’s Test Days event from 9–15 Jan to test the new Firefox address bar on Firefox Beta 135 and get a chance to win Mozilla swag vouchers! 🎁

Este site irá ter funcionalidade limitada enquanto fazemos manutenção para melhorar a sua experiência. Se um artigo não resolve o seu problema e quiser colocar uma questão, temos a nossa comunidade de apoio à espera de o ajudar em @FirefoxSupport no Twitter, /r/firefox no Reddit.

Avatar for Username

Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Saber mais

Esta discussão foi arquivada. Se precisar de ajuda, por favor, coloque uma nova questão.

compromised certificates still present

  • 1 resposta
  • 1 tem este problema
  • 1 visualização
  • Última resposta por cor-el

abestes
abestes
more options

I am running FF8. I realized recently that the full sweet of compromised certificates (global trustee, etc) was present in my usertrust network, and I thought it was perhaps because I migrated my profile from my old computer. So I completely uninstalled FF, removed all the remaining directories and reinstalled, and lo, they are still there in the usertrust network and Diginotar CAs etc still in Authorities. When I have deleted them from the trust network, they only re-appear in Others, and when I delete from there, they just reappear. Now, I know that for most of them, the trust has been removed, but for some of them they still had some level, if not full CA trust. What gives? If these certificates are indeed untrusted and blocked WHY ON EARTH are they not listed in some kind of Revoked list, and/or why are they still showing up in v8, making users like me spend hours trying to figure out if they are actually threats or not? Can anyone please advise?

I am running FF8. I realized recently that the full sweet of compromised certificates (global trustee, etc) was present in my usertrust network, and I thought it was perhaps because I migrated my profile from my old computer. So I completely uninstalled FF, removed all the remaining directories and reinstalled, and lo, they are still there in the usertrust network and Diginotar CAs etc still in Authorities. When I have deleted them from the trust network, they only re-appear in Others, and when I delete from there, they just reappear. Now, I know that for most of them, the trust has been removed, but for some of them they still had some level, if not full CA trust. What gives? If these certificates are indeed untrusted and blocked WHY ON EARTH are they not listed in some kind of Revoked list, and/or why are they still showing up in v8, making users like me spend hours trying to figure out if they are actually threats or not? Can anyone please advise?

Todas as respostas (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can click the Edit button on the DigiNotar certificates to verify that all trust bits are unchecked.
That will make it impossible for them to be used as root certificates.

Select a DigiNotar certificate in the Certificate Manager.

  • Click the Edit button to verify that all trust bits are unchecked
  • Click the View button and go to Details to verify that the certificate has been deactivated (Explicitly Distrust DigiNotar Root CA)