Same for me, I'm on Tumbleweed, same Firefox (I get mine from the Mozilla repo)

Mine was from OpenSUSE:

Information for package MozillaFirefox:

Repository  : Mozilla Name  : MozillaFirefox Version  : 123.0.1-lp155.1.1 Arch  : x86_64 Vendor  : obs://build.opensuse.org/mozilla Installed Size : 246.7 MiB Installed  : Yes Status  : up-to-date Source package : MozillaFirefox-123.0.1-lp155.1.1.src Upstream URL  : http://www.mozilla.org/ Summary  : Mozilla Firefox Web Browser Description  :

   Mozilla Firefox is a standalone web browser, designed for standards
   compliance and performance.  Its functionality can be enhanced via a
   plethora of extensions.

Extension certificate verification occurs at different times of day for different users, so others may start reporting the same thing later today... I don't see this on the Firefox subreddit yet.

Extension Updates

When Mozilla changes the certificate in Firefox, the Add-ons site should update all the live extensions. If normal automatic updates are enabled, Firefox should get find and install the updated XPIs automatically. Maybe that failed. Could you click the "gear" or "wheel" button on the Add-on page and run Check for Updates.

Distro Forum

Is there an OpenSUSE forum where other users of Firefox from that repository might be discussing this?

System Clock

Please also check your system clocks to make sure they aren't rolled forward to a time when the internal certificate might no longer be valid.

Appears to be related: https://bugzilla.opensuse.org/show_bug.cgi?id=1221531

I've received a response here as well: https://github.com/mozilla/addons/issues/1575

Your reply went into the spam link moderation queue. To expedite discussion, I'm reposting:

Appears to be related: https://bugzilla.opensuse.org/show_bug.cgi?id=1221531 I've received a response here as well: https://github.com/mozilla/addons/issues/1575

That does appear to answer my question. If I am reading this correct, I would need to uninstall and reinstall all of my add-ons (which will also reset all their settings.)

Is there a faster/easier way to do that? Or some way to go re-enable all of these ones that the Add-Ons Manager believes were not verified?

I spoke too soon, re-adding an add-on from the Add-on site gives me "Installation aborted because the add-on appears to be corrupt."

There is a faster way to force reverification, but if you still have the problematic files (I can't really understand the specific problem from the OpenSUSE forum thread), you should get the same result.

To Prompt Immediate Reverification

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future.

(2) In the search box in the page, type or paste xpi- and pause while the list is filtered

(3) Find the app.update.lastUpdateTime.xpi-signature-verification preference and click the trash can at the right end of the row to clear it

(4) Close this tab and do a regular quit/restart of Firefox. It should re-run the verification within the first minute or two after startup.

I have tried that, but the results are the same and I can't add something from the Firefox Add-on page still.

It looks like Firefox is affected by something in the OpenSUSE/Tumbleweed certificate related updates released over the weekend. It's not clear whether that is going to get patched promptly or whether it can be rolled back safely, etc. I'm a Windows person, so I need to defer to the Linux community to explain the interaction and clarify the workarounds.

Hi, to be clear this is a problem with openSUSE and not Firefox itself. Please keep an eye on https://bugzilla.opensuse.org/show_bug.cgi?id=1221531 and do not uninstall/re-install your add-ons to avoid losing your data.

Until there is a change on the OpenSUSE side or until Firefox gets rid of the SHA1, you can set the crypto-policy to allow the weaker encryption: sudo update-crypto-policies --set LEGACY

Until there is a change on the OpenSUSE side or until Firefox gets rid of the SHA1, you can set the crypto-policy to allow the weaker encryption: sudo update-crypto-policies --set LEGACY

Where there any other steps? I tried the command and a reboot but Firefox still shows the extensions as disabled.

`Lex said

Until there is a change on the OpenSUSE side or until Firefox gets rid of the SHA1, you can set the crypto-policy to allow the weaker encryption: sudo update-crypto-policies --set LEGACY

Where there any other steps? I tried the command and a reboot but Firefox still shows the extensions as disabled.

Try deleting the last verification time preference again so Firefox checks again after the next restart.

zaggynl said

`Lex said

Until there is a change on the OpenSUSE side or until Firefox gets rid of the SHA1, you can set the crypto-policy to allow the weaker encryption: sudo update-crypto-policies --set LEGACY

Where there any other steps? I tried the command and a reboot but Firefox still shows the extensions as disabled.

Try deleting the last verification time preference again so Firefox checks again after the next restart.

Yes, I did both of those things, then gave it a moment and everything re-enabled themselves.

Note that there are prefs in about:config to keep extension storage.

• extensions.webextensions.keepStorageOnUninstall
• extensions.webextensions.keepUuidOnUninstall