All Products Support Forum

Gmail is going to require OAuth 2.0 sign-in SFAIK, that means I will no longer be able to access gmail with Thunderbird. Are there plans for Thunderbird to meet the OAuth 2.0 requirement?

Hello! A site kept popping up a confirmation window for an action I was trying to take, and in the confirmation window, there was a checkbox for something like "don't allow [this website] to prompt me again" (that's as best I can remember). I checked the box thinking it would just allow the action to happen without the confirmation window, but instead, the site just won't take that action anymore. How can I undo this setting? Thank you!

Getting error SSL_ERROR_BAD_CERT_DOMAIN on all my sites that are signed with a SSL Cert from my internal CA since updating past version 99

This appears to be a bug starting after Firefox version 99 on Windows because after i upgraded to Firefox version 100 i started getting this on all my SSL Certs from my CA and they worked fine prior to the update. Can anyone confirm if something changed after version 100 that is causing this?

Thank you.

I have been using Thunderbird for several years for my GMail accounts, and have always preferred to download my messages using the POP and SMTP protocols, rather than use the IMAP protocol which leaves them all on the web. Google now inform me that "To help keep your account secure, Google will no longer support the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password. Instead, you’ll need to sign in using Sign in with Google or other more secure technologies, like OAuth 2.0. What do you need to do? Email software, like Outlook 2016 or earlier, has less secure access to your Gmail. Switch to Office 365, Outlook 2019 or newer, or any other email software where you can sign in using Sign in with Google." These changes are due to take effect from May 30th. How can I prepare for them and still use the POP and SMTP protocols after that date? Is OAuth 2.0 appropriate?

A website MultiSafepay.com has saved my CVV number in Firefox.

How do I edit the autofill data?

I can't get to the same payment page, to be in a position to delete it.

Most links on this matter refer to:

 Options => Privacy & Security => Forms and Autofill

However in my Version: Firefox 98.0.1 (64 bit) running on an up to date Windows 10 this feature is missing or deprecated.

Can anyone say how I could edit/delete this specific entry, or point me in the direction of where this data is stored?

In the mean time I can't recommend using Firefox for entering critical security data, where websites can allow the storage of CVV numbers.

I can't seem to disable the certificate verification on Mozilla Firefox. As you can see on the screenshot, the error code is SEC_ERROR_UNKNOWN_ISSUER.

I tried multiple solutions, including :

- https://smallbusiness.chron.com/disable-firefox-rejecting-certificates-59249.html - The three solutions from https://stackoverflow.com/questions/20088/is-there-a-way-to-make-firefox-ignore-invalid-ssl-certificates - https://support.mozilla.org/en-US/questions/1234483 - All of the solutions from https://browserhow.com/how-to-fix-mozilla-firefox-ssl-certificate-error/ - https://itectec.com/superuser/how-to-make-firefox-ignore-all-ssl-certification-errors/

and so on.

Is there a way to disable this for only one website, or at least for all website ? I got a web interface which is self signed (if I understand everything correctly) where we can bypass the certificate "error" but it would be great if I just could configure Firefox to skip it entirely for this interface (as I'm certain it's not insecure and even if it was I'd still use it because I can't use anything else for now.

I know Chrome has a command line which do exactly what I want (--ignore-certificate-errors) but Firefox is a must go for me so I'd prefer to find an option on this browser.

Thank you for your time.

I followed your help line however, on firefox version 94 there is no "Import from a csv file" for logins and passwords. I am migrating from a PC to a new laptop. I created the csv file from the old PC however, I am unable to import that data onto the new laptop.

I am running version 94.0.2 64bit Win10. Can you provide a solution as this is very frustrating.

Thanks A

How can I get a list of all the sites that are set to "always open" in a specific container? For example, I want to see a list of all the sites set to always open in the Work container. I would also like to edit the list without needing to manually visit each site.

Hello,

I noticed that a setting on the about:config page was removed: the "security.csp.enable" setting. I was using this setting to disable CSP to be able to load local JS scripts on some non-locally hosted sites, for debugging and development, work related purposes.

Was this setting really removed? Is there a way to disable CSP on Firefox on the latest version?

Thanks! Gabriel.

Hi all, I have an Apache site on Kubuntu 20.04 with a certificate signed by my private CA. I've added the root CA ceritificate in Firefox and in Chromium.

Firefox throws a SEC_ERROR_BAD_SIGNATURE error

Chromium accept the certificate as valid

What can I do?

Notes: the site url is "https://hdev.h.net" (with an internal IP address inside my lab)

Attached there are:

- the authority settings page
- the certification authority certificate as seen by Firefox
- the site certificate

Firefox version 82.0 Ubuntu Chromium version 86.0.4240.11

I have just received this message from Google / Gmail:

"Google will no longer support the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password. Instead, you’ll need to sign in using Sign in with Google or other more secure technologies, like OAuth 2.0"

I currently use an older version of MS Outlook that apparently won't work after these changes are introduced.

My question is - will Thunderbird work with Gmail after the 30th May deadline? Is it compatible with 'Sign in with Google'?

Thank you for your help.

Mike

Hello, I have been using Firefox for so long, and it's one of my favorite web browser on Windows as well as on Android. Firefox update for Android has become frustrating for many people including me, as most of the features aren't available in this new FF. One of them is about:config system settings, where i use to change some usefull features by going through that option. Sadly, this isn't available in the new update as of now. So, I would like to request you that please add this option as soon as possible in the coming updates. Another request would be, to be able to change the dns within the browser for using secure dns like DoH. As this option is available in desktop browser, i will be happy to get this option even on Android as well. Thank you.....

I used to be able to send emails using Thunderbird to Office365 using SMTP, but it is no longer working, although I'm still receiving emails.

Getting the following error: Login to server smtp.office365.com with username ***@*** failed

Settings Server: smtp.office365.com Port: 587 Encryption: STARTTLS

The problem occurs with Windows and also Mac OS (I installed Thunderbird to help troubleshoot).

I'm using Office 365 Family, so there is no option to manage the users, as there is in the business version, and which has been suggested by others with the same problem.

It's unclear to me if the problem lies with Thunderbird or Microsoft (I suspect the latter). Any advice would be very welcome.

Cannot access about:config on Firefox android. This seems to be an intentional action as there is an archived thread where other users had the same problem and Firefox did crikets and did not resolve the issue.

Without the ability to access about:config it is almost impossible to prevent browser hacks and spying through microphone and camera using the Firefox's always on webrtc due to this.

For anyone reading this search for "webrtc leaks" . Then read about the dangers of having webrtc on by default as Firefox does with impunity.

This needs to stop and it is a huge security hole.

Firefox developers needs to enable about:config so that users can switch off shouting vulnerabilities like this.

There has been threads before like this, but developers do nothing about this issue which is very very curious.

Should we believe they want to leave webrtc on permanently, knowing that it can be used maliciously as reported?

I have been using Firefox for years now, but since an update a couple of months back, when I deploy a new internal site I receive an error stating that the "Secure Connection Failed" because of "Error code: SEC_ERROR_REUSED_ISSUER_AND_SERIAL". There is a official workaround explaining how to bypass this issue, however it doesn't work. I have tested the same sites with Chrome, Edge, IE and it always works why is Firefox suddenly not working? Below are images of my local lab replicating the issue.

Hi Firefox is not showing Accept the risk and continue-button when advance button is clicked. Due to this i am not able to access server. Image is attached for reference.

I tried most of the things i know (reinstalled, clear cookies and data, cleared history) but it's not showing this option.

Using 96.0.2 (64-bit) on Window 10.

Pls support

Mahesh

Hi, I've noticed recently that on login to some website that because my account profile uses a gmail account the website is automatically logging me in.

I'm assuming the following is what is happening, I'd like to stop it and use my password manager to login, but this process the website is using is completely bypassing my configuration choices.

Should I assume this data is shared with Google? It must be right, they have sent an authentication request to google that my email on profile is valid and google knows the domain that made the request and the timestamp. Worse, this blocks me from using my own password manager or browser password manager and gives me no control over what is shared with google a 3rd party to website i have subscribed, are they not violating privacy terms by doing this? Is there a class action in progress somewhere?