Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

How can I tell which servers are safe in certificate manager please?)

  • 3 àwọn èsì
  • 5 ní àwọn ìṣòro yìí
  • 1 view
  • Èsì tí ó kẹ́hìn lọ́wọ́ cor-el

more options

Hello, While looking through my computer, in the Certificate Manager I noticed there were a few Certificate names that I know nothing about. There were 5 but I deleted the DigiNotar Cyber CA after reading that Mozilla/FireFox no longer trust them. The others are Entrust.net - Equifax Secure Inc. - GTE Corporation and The USERTRUST Network.

Do these all need to be on my computer?

Any help appreciated.

Cheers, Jack Cat

Hello, While looking through my computer, in the Certificate Manager I noticed there were a few Certificate names that I know nothing about. There were 5 but I deleted the DigiNotar Cyber CA after reading that Mozilla/FireFox no longer trust them. The others are Entrust.net - Equifax Secure Inc. - GTE Corporation and The USERTRUST Network. Do these all need to be on my computer? Any help appreciated. Cheers, Jack Cat

Ọ̀nà àbáyọ tí a yàn

In Tools > Options > Advanced : Encryption: Certificates you have to differentiate between Authorities and Servers. My approach: as long as Authorities include only certificates of the "Builtin Object Token" and "Software Security device" type, I implicitly trust Mozilla and the ex-factory Firefox only.

Servers are then secondary - for instance DigiNotar experienced a serious breach some time ago and as a result - in the chem spill release of Firefox a day later - was dropped from the Authorities list. However, the DigiNotar server can still be included, as a repository for certificates by other "authorities"-trusted CAs.

If this does not allay your fears, you can always reset the Firefox to its ex-factory state as follows:

Refresh Firefox - reset add-ons and settings

Ka ìdáhùn ni ìṣètò kíkà 👍 1

All Replies (3)

more options

Ọ̀nà àbáyọ Tí a Yàn

In Tools > Options > Advanced : Encryption: Certificates you have to differentiate between Authorities and Servers. My approach: as long as Authorities include only certificates of the "Builtin Object Token" and "Software Security device" type, I implicitly trust Mozilla and the ex-factory Firefox only.

Servers are then secondary - for instance DigiNotar experienced a serious breach some time ago and as a result - in the chem spill release of Firefox a day later - was dropped from the Authorities list. However, the DigiNotar server can still be included, as a repository for certificates by other "authorities"-trusted CAs.

If this does not allay your fears, you can always reset the Firefox to its ex-factory state as follows:

Refresh Firefox - reset add-ons and settings

more options

smo, thank you for your help, problem solved. Cheers, Jack Cat

more options

Note that you may have actually removed the DigiNotar block exceptions button then you would have noticed that those certificates are untrusted permanently ("Do not trust the authenticity of this certificate").