Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

i don't trust russian or chinese CAs. how can i remove those certifiates from the trusted list?

  • 2 respuestas
  • 1 tiene este problema
  • 1 visita
  • Última respuesta de harry747

more options

this is about firefox 37.0.1 on ubuntu 14.04. i bring up the list of certificates, select some of them and then click delete or distrust. they disappear from the list. the next time i bring up that list, they are there again. but when i then select one of them and then click edit trust, all 3 checkboxes are selected, telling me that firefox trusts those certificates even though i specifically told it NOT to trust them. why? what is going on here?

also, there is a verisign certificate that is required for yahoo searches. i can't get firefox to trust this one. i select it and click on edit trust, and none of the checkboxes are checked. i click the one for the websites, then OK. problem is, when i click OK, nothing happens. the only way to get rid of that window is to click cancel or the red X in the corner of the window. and then, the next time i start firefox, the certificate is untrusted again, and i have to do it all again. it's annoying.

so to summarize, firefox insists on trusting untrustworthy certificates, and refuses to trust the ones that i want to trust.

instead of punching out new versions like cinema tickets, you guys need to do more testing and make sure everything works.

this is about firefox 37.0.1 on ubuntu 14.04. i bring up the list of certificates, select some of them and then click delete or distrust. they disappear from the list. the next time i bring up that list, they are there again. but when i then select one of them and then click edit trust, all 3 checkboxes are selected, telling me that firefox trusts those certificates even though i specifically told it NOT to trust them. why? what is going on here? also, there is a verisign certificate that is required for yahoo searches. i can't get firefox to trust this one. i select it and click on edit trust, and none of the checkboxes are checked. i click the one for the websites, then OK. problem is, when i click OK, nothing happens. the only way to get rid of that window is to click cancel or the red X in the corner of the window. and then, the next time i start firefox, the certificate is untrusted again, and i have to do it all again. it's annoying. so to summarize, firefox insists on trusting untrustworthy certificates, and refuses to trust the ones that i want to trust. instead of punching out new versions like cinema tickets, you guys need to do more testing and make sure everything works.

Todas las respuestas (2)

more options

You can't remove the built-in root certificates, but you can remove their trust bits via the Edit button to prevent Firefox from using them as a trusted root certificate.

Intermediate certificates that Firefox has stored when visiting websites that show as "Software Security Device" should never has trust bits set. Note that it is the responsibility of a server to send all required intermediate certificates to make it possible to build a certificate chain that ends with a built-in root certificate.

more options

cor-el said

... but you can remove their trust bits via the Edit button to prevent Firefox from using them as a trusted root certificate.

and that is the bit that i have a problem with. i turn off those checkboxes and then the ok button does nothing. so i click the orange X in the corner of the window, and the next time i launch firefox, it is all back to the way it was before :-(