Hello all,
I sometimes when trying to go to a website (in this case: undocumented.ntinternals.net) FF pops up an "Your connection is not secure" error. When I than click "Advanced" I get a reason (in this case : "invalid security certificate"), and an "add exception" button is displayed.
My question : where is such an exception stored (database?) and how am I supposed to manage them ?
iow: how do I make sure that the exception is *temporary* (session-only?).
Notice that the security problem is probably caused by your use of ancient software that is using a old certificate chain. Certificates expire, and
new certs get added.
In an up to date FFx, settings, search for "exceptions". Browse down, till
a button named "View certificates". A yellow text says the word
"Exceptions" is inside.
Carlos,
Notice that the security problem is probably caused by your use of ancient >> software that is using a old certificate chain. Certificates expire, and
new certs get added.
Possibly. If you know how to add a new root certificate (and where to get one) to my ancient software OS as well as browser) than I would like to
know.
In an up to date FFx, settings, search for "exceptions". Browse down, till >> a button named "View certificates". A yellow text says the word
"Exceptions" is inside.
In my browser there is a certificates section tucked away under tools -> options -> advanced -> cerificates -> view certificates , which than shows five tabs : Your cerificates, People, Servers, Authorities and Others.
I would not even know if that is where an exception (pinned) certificate is stored. None of the tabs have a name in that direction.
And I have not been too clear with my question : I desire to know in which file (database?) such exceptions are stored, so I can follow the closing of the browser up with removing that file (think: making the exception session-only).
Remark : It looks like exceptions are stored in the cert8.db file, which, alas, is not easily editable (not an sqlite database).
If you know how to add a new root certificate (and where to get
one) to my ancient software OS as well as browser) than I would like
to know.
No, sorry, I don't know.
In Windows, I don't know if FFx uses its own cert store.
Current FFx has a box to search a keyword in the settings,
I suspect exceptions are stored in a database, not a file you can edit or delete.
Carlos,
If you know how to add a new root certificate (and where to get
one) to my ancient software OS as well as browser) than I would like
to know.
No, sorry, I don't know.
No problem. As I'm using "ancient software" I didn't really expect you to know, but had to ask to make sure.
In Windows, I don't know if FFx uses its own cert store.
That would be the cert8.db file (and possibly key8.db too).
Agreed, that database is a file too, I can and I can.
The only problem with the first "I can" is that hex-editing it "just might" (understatement) make the file unusable. :-)
For the second "I can", I can copy the current cert8.db database file somewhere, and copy back from it just after or before starting FF itself. Not the cleanest way to do it, but it will most likely work.
On 2026-02-13 11:02, R.Wieser wrote:
Hello all,
I sometimes when trying to go to a website (in this case:
undocumented.ntinternals.net) FF pops up an "Your connection is not
secure"
error. When I than click "Advanced" I get a reason (in this case :
"invalid security certificate"), and an "add exception" button is
displayed.
My question : where is such an exception stored (database?) and how am
I supposed to manage them ?
iow: how do I make sure that the exception is *temporary*
(session-only?).
Notice that the security problem is probably caused by your use of
ancient software that is using a old certificate chain. Certificates
expire, and new certs get added.
In an up to date FFx, settings, search for "exceptions". Browse down,
till a button named "View certificates". A yellow text says the word "Exceptions" is inside.
I did not find any, probably meaning that I have not added any exception
in this browser.
In my browser there is a certificates section tucked away under tools -> options -> advanced -> cerificates -> view certificates , which than shows five tabs : Your cerificates, People, Servers, Authorities and Others.
I would not even know if that is where an exception (pinned) certificate is stored. None of the tabs have a name in that direction.
I can also click on the padlock of, say, the narkive.com site and
turn the exception on or off. On the RPi site I can only remove the
exception that way.
I suspect exceptions are stored in a database, not a file you can
edit or delete.
Any exceptions added during private browsing disappear as soon
as the private browsing session ends.
I suspect exceptions are stored in a database, not a file you can
edit or delete.
It would be an SQLite database, which you can access and modify
using the usual SQLite tools.
| Sysop: | Amessyroom |
|---|---|
| Location: | Fayetteville, NC |
| Users: | 59 |
| Nodes: | 6 (0 / 6) |
| Uptime: | 25:29:58 |
| Calls: | 810 |
| Files: | 1,287 |
| Messages: | 196,024 |