We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

How to decipher info on certificate exception

  • 4 àwọn èsì
  • 5 ní àwọn ìṣòro yìí
  • 15 views
  • Èsì tí ó kẹ́hìn lọ́wọ́ FoxyFirey

FoxyFirey
FoxyFirey
more options

I'm using Firefox 8 on Windows 7 Professional 64-bit.

I was browsing qriocity.com and was presented with a notification that the credentials didn't match (something to that effect). I chose the option to add an exception, thinking that I can easily find and remove the exception. After much googling, I found that the likely way to do this is to got to Tools->Options->Advanced-Encryption->ViewCertificates. The only tabs that are not empty are the Servers and Authorities tabs. In the Servers tab, I found an entry under "Comodo CA Limited" that looked related to the qriocity site: 

  Certificate Name: *.support.sonyentertainmentnetwork.com
  Server: qriocity-en-us.custhelp.com:443

Without any other information, I would decide to delete this entry. However, I was wondering if these are in fact certificate *exceptions* that I am looking at. As well, knowing *when* the exception was added would eliminate any doubt that it is the exception I added just now. Is there a way to show the date added? Such a field doesn't seem to exist when I click on "View...".

On a separate but related matter, I was also looking for something relevant in the Authorities tab. Are these all authorities that I added, possibly implicitly and unknowningly? Is there a way (and is it wise) to reduce this list to what it would be for a virgin installation of Firefox?

I'm using Firefox 8 on Windows 7 Professional 64-bit. I was browsing qriocity.com and was presented with a notification that the credentials didn't match (something to that effect). I chose the option to add an exception, thinking that I can easily find and remove the exception. After much googling, I found that the likely way to do this is to got to Tools->Options->Advanced-Encryption->ViewCertificates. The only tabs that are not empty are the Servers and Authorities tabs. In the Servers tab, I found an entry under "Comodo CA Limited" that looked related to the qriocity site: Certificate Name: *.support.sonyentertainmentnetwork.com Server: qriocity-en-us.custhelp.com:443 Without any other information, I would decide to delete this entry. However, I was wondering if these are in fact certificate *exceptions* that I am looking at. As well, knowing *when* the exception was added would eliminate any doubt that it is the exception I added just now. Is there a way to show the date added? Such a field doesn't seem to exist when I click on "View...". On a separate but related matter, I was also looking for something relevant in the Authorities tab. Are these all authorities that I added, possibly implicitly and unknowningly? Is there a way (and is it wise) to reduce this list to what it would be for a virgin installation of Firefox?

Ti ṣàtúnṣe nípa FoxyFirey

Ọ̀nà àbáyọ tí a yàn

Entries that you see on the Server tab are permanent exceptions that you've accepted and those are stored in the file cert_override.txt in the profile folder.

Entries on the Authorites tabs are either build-in root certificates or intermediate certificates that Firefox automatically stores.

  • Build-in root certificates show as "Builtin Object Token" on the Authorities tab in the Certificate Manager.
  • Stored intermediate certificates show as "Software Security device".
Ka ìdáhùn ni ìṣètò kíkà 👍 2

All Replies (4)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Ọ̀nà àbáyọ Tí a Yàn

Entries that you see on the Server tab are permanent exceptions that you've accepted and those are stored in the file cert_override.txt in the profile folder.

Entries on the Authorites tabs are either build-in root certificates or intermediate certificates that Firefox automatically stores.

  • Build-in root certificates show as "Builtin Object Token" on the Authorities tab in the Certificate Manager.
  • Stored intermediate certificates show as "Software Security device".
FoxyFirey
FoxyFirey Ìbéèrè olóhun
more options

Hello, cor-el,

I looked in cert_override.txt to see if contains the date of added exceptions. The file is dated approximately in the time I was looking at the Server tab entries (and I did in fact delete the relevant looking entry). However it is empty with the exception of the following comment-looking lines: 

# PSM Certificate Override Settings file
# This is a generated file!  Do not edit.

The file remained empty even when I exited Firefox. However, when I restarted Firefox and checked the Server tab, and it is certainly not empty. There are 10 entries under "The USERTRUST Network".

So I was wondering if cert_override.txt is suppose to be a complete copy of all of the contents of the Server tab?

Furthermore, is there a way to determine when the Server tab entries were added?

Ti ṣàtúnṣe nípa FoxyFirey

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

The certificates may be stored in cert8.db along with the other intermediate certificates if the cert_override.txt file is empty.

FoxyFirey
FoxyFirey Ìbéèrè olóhun
more options

Oh. Not text. OK. Thanks.