Recent answers to websites displaying old html texthttps://support.mozilla.org/ga-IE/questions/10990732015-12-18T07:33:49-08:00cor-el said
You should never set trust bits on certificates that have a software security device d2015-12-18T07:33:49-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819332<p><em>cor-el <a href="#answer-819322" rel="nofollow">said</a></em>
</p>
<blockquote>
You should never set trust bits on certificates that have a software security device designation.
Try try above posted advice and delete this certificate.
Alternatively you can try to rename or delete the cert8.db file in the Firefox profile folder.
You can use this button to go to the current Firefox profile folder:
<ul><li>Help &gt; Troubleshooting Information &gt; Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
</li><li><a href="http://kb.mozillazine.org/Profile_folder_-_Firefox" rel="nofollow">http://kb.mozillazine.org/Profile_folder_-_Firefox</a>
</li></ul>
</blockquote>
<p>I did as you requested and Deleted the GoDaddy certificate. I then went to <a href="http://variety.com" rel="nofollow">variety.com</a> and <a href="http://deadline.com" rel="nofollow">deadline.com</a> and both are displaying normally.
</p>You should never set trust bits on certificates that have a software security device designation.
Tr2015-12-18T06:59:54-08:00cor-elhttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819322<p>You should never set trust bits on certificates that have a software security device designation.
Try try above posted advice and delete this certificate.
</p><p>Alternatively you can try to rename or delete the cert8.db file in the Firefox profile folder.
</p><p>You can use this button to go to the current Firefox profile folder:
</p>
<ul><li>Help &gt; Troubleshooting Information &gt; Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
</li><li><a href="http://kb.mozillazine.org/Profile_folder_-_Firefox" rel="nofollow">http://kb.mozillazine.org/Profile_folder_-_Firefox</a>
</li></ul>You can try to delete this certificate to see if that makes Firefox use the built-in version.
2015-12-18T06:56:30-08:00cor-elhttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819321<p>You can try to delete this certificate to see if that makes Firefox use the built-in version.
</p>jscher2000 said
Here's mine for comparison. It is a "built-in" while yours is added on. I'm not su2015-12-18T06:42:16-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819318<p><em>jscher2000 <a href="#answer-819295" rel="nofollow">said</a></em>
</p>
<blockquote>
Here's mine for comparison. It is a "built-in" while yours is added on. I'm not sure what is normal any more (I've been running this same profile now for years...).
</blockquote>
<p>I changed the trust bits for GoDaddy to mimic yours and THAT seems to have corrected the problem!
</p><p>I have a question:
Originally, you asked me to display a link called First Style Sheets, I've attached a screenshot - is this how it is supposed to display?
</p><p>BIG THANKS to all you folks for being patient and, obviously, giving much thought to my issue - for this reason, and a plethora of others, is why I have not used MicroSUCK IE since even before Windows 95. I was raised on Mosaic, NetScape and now, the one and only, FIREFOX!
</p><p>Randall
</p>Here's mine for comparison. It is a "built-in" while yours is added on. I'm not sure what is normal 2015-12-18T06:12:22-08:00jscher2000https://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819295<p>Here's mine for comparison. It is a "built-in" while yours is added on. I'm not sure what is normal any more (I've been running this same profile now for years...).
</p>cor-el said
Did you check the "Go Daddy Root Certificate Authority - G2" certificate in the Certif2015-12-18T05:21:15-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819274<p><em>cor-el <a href="#answer-819220" rel="nofollow">said</a></em>
</p>
<blockquote>
Did you check the "Go Daddy Root Certificate Authority - G2" certificate in the Certificate Manager like I suggested above?
<ul><li>Tools &gt; Options &gt; Advanced &gt; Certificates: View Certificates
</li></ul>
You can click "Edit Trust" to check what trust bits are set.
You should normally have a tick on "This certificate can identify websites."
</blockquote>
<p>Not sure what you want to see - Servers, Authorities, both?
</p>Did you check the "Go Daddy Root Certificate Authority - G2" certificate in the Certificate Manager 2015-12-18T03:40:23-08:00cor-elhttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819220<p>Did you check the "Go Daddy Root Certificate Authority - G2" certificate in the Certificate Manager like I suggested above?
</p>
<ul><li>Tools &gt; Options &gt; Advanced &gt; Certificates: View Certificates
</li></ul>
<p>You can click "Edit Trust" to check what trust bits are set.
You should normally have a tick on "This certificate can identify websites."
</p>So, something appears out of whack.
How do you folks suggest proceeding?
2015-12-18T03:28:07-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-819214<p>So, something appears out of whack.
How do you folks suggest proceeding?
</p>Hmm, you have an extra root certificate in your hierarchy. That's strange... what is that doing ther2015-12-17T07:47:22-08:00jscher2000https://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-818856<p>Hmm, you have an extra root certificate in your hierarchy. That's strange... what is that doing there?
</p>Do you see any of the Go Daddy certificates that show in the screenshot as "Software Security Device2015-12-17T07:13:32-08:00cor-elhttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-818838<p>Do you see any of the Go Daddy certificates that show in the screenshot as "Software Security Device" in the Certificate Manager?
</p><p>Especially check this certificate: Go Daddy Root Certificate Authority - G2
That certificate shows as chained to another certificate that isn't a built-in root certificate and thus doesn't have trust bits set.
Trust bits should only be set for built-in root certificates.
</p>RangeAntelope said
cor-el said
If you can't inspect the certificate via "I Understand the Risks" 2015-12-17T06:37:21-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-818825<p><em>RangeAntelope <a href="#answer-818335" rel="nofollow">said</a></em>
</p>
<blockquote>
<em>cor-el <a href="#answer-818324" rel="nofollow">said</a></em>
<blockquote>
If you can't inspect the certificate via "I Understand the Risks" then try this:
Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:
<ul><li>chrome://pippki/content/exceptionDialog.xul
</li></ul>
In the location field of this window type or paste the URL of the website.
<ul><li>retrieve the certificate via the "Get certificate" button
</li><li>click the "View..." button to inspect the certificate in the Certificate Viewer
</li></ul>
You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer.
Check who is the issuer of the certificate.
If necessary then you can attach a screenshot that shows the certificate viewer.
</blockquote>
</blockquote>If you can't inspect the certificate via "I Understand the Risks" then try this:
Open the "Add Secur2015-12-17T06:13:45-08:00cor-elhttps://support.mozilla.org/ga-IE/questions/1099073?page=2#answer-818809<p>If you can't inspect the certificate via "I Understand the Risks" then try this:
</p><p>Open the "Add Security Exception" window by pasting this chrome URL in the Firefox location/address bar and check the certificate:
</p>
<ul><li>chrome://pippki/content/exceptionDialog.xul
</li></ul>
<p>In the location field of this window type or paste the URL of the website.
</p>
<ul><li>retrieve the certificate via the "Get certificate" button
</li><li>click the "View..." button to inspect the certificate in the Certificate Viewer
</li></ul>
<p>You can inspect details like the issuer and the certificate chain in the Details tab of the Certificate Viewer.
Check who is the issuer of the certificate.
If necessary then you can attach a screenshot that shows the certificate viewer.
</p>That sounds logical. I used one of the links you sent above (attached).
How should I proceed?
Randal2015-12-17T05:27:22-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073#answer-818777<p>That sounds logical. I used one of the links you sent above (attached).
How should I proceed?
Randall
</p>Hi Randall, deleting the cert8.db file might help, but what I would really like is if you look at th2015-12-17T04:49:56-08:00jscher2000https://support.mozilla.org/ga-IE/questions/1099073#answer-818770<p>Hi Randall, deleting the cert8.db file might help, but what I would really like is if you look at the issuer details for some rejected certificates to see whether we can spot the problem there.
</p>jscher2000 said
Hi Randall, what did you edit, exactly?
Firefox stores trusted certificates in a 2015-12-17T04:10:09-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073#answer-818764<p><em>jscher2000 <a href="#answer-818725" rel="nofollow">said</a></em>
</p>
<blockquote>
Hi Randall, what did you edit, exactly?
Firefox stores trusted certificates in a file named cert8.db in your active profile (settings) folder. As you browse, "intermediate" certificates signed by a trusted "root" certificate are added to the file. If you manually import a certificate, it also is added to the file. If you delete the cert8.db file, Firefox will start from scratch with a file containing the trusted root certificates, so you can always do that.
You also can copy the cert8.db file from a "working" Firefox installation to your current one, but you rarely need to do that unless you recall specially setting it up to work on this computer, or with a high security remote server that requires a personal certificate for access (which is rare).
What you wouldn't want to do is copy over a cert8.db file which is configured to trust some malware running on your system. We want to rule out the possibility of an intruder reading all your browsing traffic, as described earlier in this thread, not just patch it over.
</blockquote>
<p>I went into Tools&gt;Options&gt;Advanced&gt;Certificates&gt;View Certificates
I removed some certificates from either Servers and/or Authorities.
The ones I removed "appeared" to be of no value and, to me, were of a suspicious nature such as ones from Turkey, Thailand, Japan etc.
</p><p>So, do you think I should just delete the cert8.db file?
Would there be any repercussions from doing this?
</p><p>Thanks SO MUCH for your help,
Randall
</p>Hi Randall, what did you edit, exactly?
Firefox stores trusted certificates in a file named cert8.db2015-12-17T02:17:17-08:00jscher2000https://support.mozilla.org/ga-IE/questions/1099073#answer-818725<p>Hi Randall, what did you edit, exactly?
</p><p>Firefox stores trusted certificates in a file named cert8.db in your active profile (settings) folder. As you browse, "intermediate" certificates signed by a trusted "root" certificate are added to the file. If you manually import a certificate, it also is added to the file. If you delete the cert8.db file, Firefox will start from scratch with a file containing the trusted root certificates, so you can always do that.
</p><p>You also can copy the cert8.db file from a "working" Firefox installation to your current one, but you rarely need to do that unless you recall specially setting it up to work on this computer, or with a high security remote server that requires a personal certificate for access (which is rare).
</p><p>What you wouldn't want to do is copy over a cert8.db file which is configured to trust some malware running on your system. We want to rule out the possibility of an intruder reading all your browsing traffic, as described earlier in this thread, not just patch it over.
</p>Good Morning,
I really think that I messed up the Certificates file when I edited it - I'm pretty su2015-12-17T01:21:05-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073#answer-818698<p>Good Morning,
I really think that I messed up the Certificates file when I edited it - I'm pretty sure I removed the GoDaddy certificate thinking it was a "monitoring" service.
</p><p>Can I save the Certificates file from my other, working fine, laptop and transfer that into my, not working fine, laptop?
Randall
</p>Oh, I thought you created an exception. If not, you can use the Add Exception dialog. So the steps i2015-12-16T07:11:59-08:00jscher2000https://support.mozilla.org/ga-IE/questions/1099073#answer-818365<p>Oh, I thought you created an exception. If not, you can use the Add Exception dialog. So the steps instead are:
</p><p>Open <a href="https://pmcdeadline2.files.wordpress.com/2015/12/laura-linney.jpg?w=212&amp;h=142&amp;crop=1" rel="nofollow">https://pmcdeadline2.files.wordpress.com/2015/12/laura-linney.jpg?w=212&amp;h=142&amp;crop=1</a>
</p><p>Expand the "I understand the risks" section and look for an Add Exception button.
</p><p><em>Note: You don't need to complete the process of adding an exception -- I suggest not adding one until we know this isn't a malware issue -- but you can use the dialog to view the information that makes Firefox suspicious.</em>
</p><p>Click Add Exception, and the certificate exception dialog should open.
</p><p>Click the View button. If View is not enabled, try the Get Certificate button first.
</p><p>This should pop up the Certificate Viewer. Look at the "Issued by" section, and on the Details tab, the Certificate Hierarchy. What do you see there? I have attached a screen shot for comparison.
</p>Thanks for your help and patience.
I will have to continue this thread tomorrow, Thursday December 12015-12-16T06:58:05-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073#answer-818352<p>Thanks for your help and patience.
I will have to continue this thread tomorrow, Thursday December 17th at around 10am PST.
I'm confident that you guys will figure it out - I have a feeling that my certificate permissions need to be re-established... but that's only a guess.
</p>jscher2000 said
RangeAntelope said
When I tried the first two links, they both warned "WHOA are yo2015-12-16T06:55:32-08:00RangeAntelopehttps://support.mozilla.org/ga-IE/questions/1099073#answer-818348<p><em>jscher2000 <a href="#answer-818325" rel="nofollow">said</a></em>
</p>
<blockquote>
<em>RangeAntelope <a href="#answer-818316" rel="nofollow">said</a></em>
<blockquote>When I tried the first two links, they both warned "WHOA are you sure you want to go there?" and forced me to acknowledge an Exception to those certificates (see attached).</blockquote>
<p>It's not normal to need to make exceptions for well run sites.
</p><p>Let's take a look at the certificate for the first one:
</p><p><a href="https://pmcdeadline2.files.wordpress.com/2015/12/laura-linney.jpg?w=212&amp;h=142&amp;crop=1" rel="nofollow">https://pmcdeadline2.files.wordpress.com/2015/12/laura-linney.jpg?w=212&amp;h=142&amp;crop=1</a>
</p><p>Click the padlock on the address bar, then the "&gt;" and More Information
</p><p>That should launch the Page Info dialog, Security Panel. Click the View Certificate button.
</p><p>That should launch the Certificate Viewer. Please compared yours to the areas I've boxed in red in the attached. What do you see there?
</p>
</blockquote>