
How to disable all ssl checking - sec_error_ca_cert_invalid
Is it possible to disable all SSL checking of any kind within firefox?
I'm stuck with this error. (copied from another post) https://support.cdn.mozilla.net/media/uploads/images/2014-08-04-14-05-02-bc62ea.png
I have already set mozillapkix to false. I do not want to have to import self-signed certs for all my servers into firefox. I also deal with 'broken ssl', like incomplete certificate chains, etc.. on load balancers, or other odd devices.
I had a version of nightly that was working with mozillapkix set to false, but it looks like it auto-updated:( so it is at 33.0.2 now, and no longer likes my self-signed certs again. (Which reminds me I need to turn off auto-update if possible).
If there is no way to completely disable ssl checking in Firefox, is there a nightly build version, or prior build version (I forget what version this new ssl checking began), that I can use that will avoid this stringent ssl checking (why there is no 'add exception' is still confusing...)?
Chosen solution
If this is a major headache, you can use the Extended Support Release version of Firefox 31. I believe the preference to disable use of PKIX still works in that version. You could test with the "Portable Apps" build first before switching.
More info on ESR: http://www.mozilla.org/firefox/organizations/
Portable build (unofficial) for testing: http://portableapps.com/apps/internet/firefox-portable-esr (uses its own local profile, exit your normal Firefox first)
Read this answer in context 👍 0All Replies (3)
Chosen Solution
If this is a major headache, you can use the Extended Support Release version of Firefox 31. I believe the preference to disable use of PKIX still works in that version. You could test with the "Portable Apps" build first before switching.
More info on ESR: http://www.mozilla.org/firefox/organizations/
Portable build (unofficial) for testing: http://portableapps.com/apps/internet/firefox-portable-esr (uses its own local profile, exit your normal Firefox first)
hello jwhitene, please try running firefox beta which should contain some fixes to allow for overriding certain untrusted connection error messages again: https://www.mozilla.org/firefox/channel/#beta
it is not possible to generally switch of the checking of ssl certificates - if this were an option exposed to the user obviously malware and all sorts of attackers could use that too...
The extended Support Release version of Firefox 31 worked, thanks. I'll check out the beta or newer releases if/when I start running into plugin-compatibility issues as time goes on.
Thanks.