X
Tap here to go to the mobile version of the site.

Support Forum

Mozilla "trusted websites" database. SSL Certs

Posted

I've noticed that you have to buy a SSL cert, not to use SSL but so that the browser knows its a safe connection, why is this system even needed ? its encryptet anyhow. My question/suggestion why cant firefox add an extra service where small webdevelopers like myself can enter information about the project like the Domain name and contact information etc. And then the community perhaps can go in and confirm that this website is legit and its safe to proced with the HTTPS request. It wont work cross browser i know, but i think it would be a great feature.

Yours Fredrik Royal institute of technology, Sweden

I've noticed that you have to buy a SSL cert, not to use SSL but so that the browser knows its a safe connection, why is this system even needed ? its encryptet anyhow. My question/suggestion why cant firefox add an extra service where small webdevelopers like myself can enter information about the project like the Domain name and contact information etc. And then the community perhaps can go in and confirm that this website is legit and its safe to proced with the HTTPS request. It wont work cross browser i know, but i think it would be a great feature. Yours Fredrik Royal institute of technology, Sweden

Chosen solution

Sorry, I misunderstood your question.

A certificate only works if there is a certificate chain that links it to a built-in root certificate, so it will only work if you get a certificate from one of those suppliers that have a root certificate in Firefox.

Read this answer in context 1

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.2 r202
  • This plug-in detects the presence of iTunes when opening iTunes Store URLs in a web page with Firefox.
  • DivX Web Player version 1.4.0.233
  • The Totem 3.0.1 plugin handles video and audio streams.

Application

  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:25.0) Gecko/20100101 Firefox/25.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
12744 solutions 117111 answers

You can use something like PGP to validate data if that is what you want to achieve.

You can use something like PGP to validate data if that is what you want to achieve. *http://en.wikipedia.org/wiki/Pretty_Good_Privacy
jscher2000
  • Top 10 Contributor
3598 solutions 32244 answers

The purpose of the SSL certificate is more than providing an encryption key, it indicates that your communication is being decrypted with the certificate associated with a particular website, in other words, that it's not a man-in-the-middle or an impostor website.

The purpose of the SSL certificate is more than providing an encryption key, it indicates that your communication is being decrypted with the certificate associated with a particular website, in other words, that it's not a man-in-the-middle or an impostor website.

Question owner

I dont understand how im suppost to run my website of PGP, its seems to me its ok for string encryption, but for that we already have B-crypt with the rounds feature.

Yes i know that the SSL Certs are give out to protect the clients from man in the middle attacks etc. Look if you buy a cert, it stops the browser from going "hey this might not be safe" and you have to add an exception, why cant firefox have a pre-made "exception" list of trusted website eather in the software or seperate server somewhere, as a free feature for your users, that adds community validated websites. Anyone can apply website, and when it gets enough "up votes" it gets automaticly added. Anyone can buy a cert that dosen't mean there website is safe... if you think about it, my suggestion would be more avanible, cheaper and safer.

I dont understand how im suppost to run my website of PGP, its seems to me its ok for string encryption, but for that we already have B-crypt with the rounds feature. Yes i know that the SSL Certs are give out to protect the clients from man in the middle attacks etc. Look if you buy a cert, it stops the browser from going "hey this might not be safe" and you have to add an exception, why cant firefox have a pre-made "exception" list of trusted website eather in the software or seperate server somewhere, as a free feature for your users, that adds community validated websites. Anyone can apply website, and when it gets enough "up votes" it gets automaticly added. Anyone can buy a cert that dosen't mean there website is safe... if you think about it, my suggestion would be more avanible, cheaper and safer.
cor-el
  • Top 10 Contributor
  • Moderator
12744 solutions 117111 answers

Chosen Solution

Sorry, I misunderstood your question.

A certificate only works if there is a certificate chain that links it to a built-in root certificate, so it will only work if you get a certificate from one of those suppliers that have a root certificate in Firefox.

Sorry, I misunderstood your question. A certificate only works if there is a certificate chain that links it to a built-in root certificate, so it will only work if you get a certificate from one of those suppliers that have a root certificate in Firefox. *http://www.mozilla.org/projects/security/certs/policy/
janinmat 0 solutions 1 answers

I have a similar problem with Facebook. I cannot post http into tabs. They are requesting https and SSL certificates for each url. If we need to purchase SSL can we get them through Mozilla/Firefox

I have a similar problem with Facebook. I cannot post http into tabs. They are requesting https and SSL certificates for each url. If we need to purchase SSL can we get them through Mozilla/Firefox
jscher2000
  • Top 10 Contributor
3598 solutions 32244 answers

Hi janinmat, Mozilla doesn't sell security certificates. However, you can get them for $10/year if you shop around. I think I've used this aptly named company in the past to get discounts on the Comodo PositiveSSL cert: https://www.facebook.com/cheapssls

BEFORE BUYING: check with your hosting company to make sure you will be able to install one you buy yourself; some make it difficult or impossible to do that and require you to buy it through them at a higher price.

Hi janinmat, Mozilla doesn't sell security certificates. However, you can get them for $10/year if you shop around. I think I've used this aptly named company in the past to get discounts on the Comodo PositiveSSL cert: https://www.facebook.com/cheapssls BEFORE BUYING: check with your hosting company to make sure you will be able to install one you buy yourself; some make it difficult or impossible to do that and require you to buy it through them at a higher price.