Monday, 7 July 2014

How-to: View and clear untrusted certificates on Firefox


Firefox is pretty good on security, such that when a site presents an SSL certificate that doesn't cross-match to the owner of a number of other properties, it throws a message:
This Connection is Untrusted: You have asked Firefox to connect securely to www.somessl.com, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
For untrusted certificates, you may choose to accept the connection by confirming it as an exception which Firefox then stores. Which is fine until you need to clear the exception and start over. Although Firefox isn't that intuitive about where to view those certificate exceptions and how to clear them...

Certificate exceptions are found via the Edit menu, under Preferences, Advanced. The last of the tabs in the dialog is for Certificates. Select the button View Certificates and it opens a further dialog for the Certificate Manager (didn't know you had one?).

In a further set of tabs, you select Servers, since SSL certificates are all server-based.


Highlight a certificate exception to clear and hit the Delete button. You will get a confirmation box to tell you Firefox is restoring its default security checks. RC

1 comment:

At least try to be nice, it won't kill you...