We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I have downloaded Firefox 21 for mac os and it has diginotar certs

more options

I have downloaded Firefox 21 for my Mac Os and when I go under the advance/encryption/view certificate settings their are entries for Diginotar. I downloaded this through my Canadian ISP Velcom.ca and don't understand why I see the following certificates under certificate manager DigiNotar DigiNotar Cyber CA DigiNotar Root CA DigiNotar Services 1024 CA DigiNotar B.V DigiNotar PKIoverhead CA Organisatir-G2 DigiNotar PKIoverhead CA Overheid en Bedrijven

DiigNotar is defunct because of stolen certificates. Why Is this on my new Firefox version 21?

I have downloaded Firefox 21 for my Mac Os and when I go under the advance/encryption/view certificate settings their are entries for Diginotar. I downloaded this through my Canadian ISP Velcom.ca and don't understand why I see the following certificates under certificate manager DigiNotar DigiNotar Cyber CA DigiNotar Root CA DigiNotar Services 1024 CA DigiNotar B.V DigiNotar PKIoverhead CA Organisatir-G2 DigiNotar PKIoverhead CA Overheid en Bedrijven DiigNotar is defunct because of stolen certificates. Why Is this on my new Firefox version 21?

All Replies (5)

more options

The answer is the same as the last time you asked this question.

As more information has come to light about the attack on the DigiNotar Certificate Authority we have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certificate and several intermediates. Removing the root as in our previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority. Importantly this list of distrusted certificates includes the "PKIOverheid" (PKIGovernment) intermediates under DigiNotar's control that did not chain to DigiNotar's root and were not previously blocked.
more options

Perhaps your head is stuck in the past Gingerbread_Man.

I said its Firefox 21which came out in 2013. There should be no Diginotar certificate. On On September 3, 2011 Digitnotar went bankrupt. https://en.wikipedia.org/wiki/DigiNotar

more options

There shouldn't be any DigiNotar certificates present under the Authorities tab in the Certificate Manager, but there should be permanent block entries under the Servers tab.

  • Firefox > Preferences > Advanced : Encryption: Certificates - View Certificates

Select a DigiNotar certificate in the Certificate Manager > Servers.

  • Click the "Edit Trust" button to verify that the certificate is not trusted and "Do not trust the authenticity of this certificate" is selected.

cor-el moo ko soppali ci

more options

cor-el wrote:

Click the "Edit Trust" button to verify that the certificate is not trusted and "Do not trust the authenticity of this certificate" is selected.

That's exactly what I said last time.

mace2 wrote:

Perhaps your head is stuck in the past Gingerbread_Man.

Learn some manners, then feel free to ask your question where it's more likely to be seen by a developer, like on IRC or a newsgroup like mozilla.dev.security.policy

more options

I installed Firefox 22 same on my Mac witch has both windows 7 and Mac OS Moutain Liion and the windows 7 found the web site https://www.faxzero.com valid.

Same computer 2 different operating systems windows 7 firefox 22 works but Snow leopard Firefox 22 does not work