We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

ssl signed by removed authority still trusted

more options

I raise this question because I am worrying about a CA authority WoSign, and now I decide to untrust all SLL certificate signed by WoSign.

Wosign 的 CA有问题,我准备不再信任它签发的证书。


I removed 'Wosign Class 4 EV Server CA G2' from authority list of Firefox, and the next time I review this setting, the authority reappears but all options under this authority (websites, emails , softwares) is unchecked , just as Firefox tech support says.

But when I visit https://www.wosign.com/ , this website still trusted by Firefox. Its certificate is signed by Wosign Class 4 EV Server CA G2, of which I removed the authority.

Can anybody tell me how to make Firefox untrust this CA , and show me alert when I visit any website with SSL certificate signed by Wosign  ? Thank you!

I raise this question because I am worrying about a CA authority WoSign, and now I decide to untrust all SLL certificate signed by WoSign. Wosign 的 CA有问题,我准备不再信任它签发的证书。 I removed 'Wosign Class 4 EV Server CA G2' from authority list of Firefox, and the next time I review this setting, the authority reappears but all options under this authority (websites, emails , softwares) is unchecked , just as Firefox tech support says. But when I visit https://www.wosign.com/ , this website still trusted by Firefox. Its certificate is signed by Wosign Class 4 EV Server CA G2, of which I removed the authority. Can anybody tell me how to make Firefox untrust this CA , and show me alert when I visit any website with SSL certificate signed by Wosign ? Thank you!

All Replies (1)

more options

I have to admit I don't really understand how this works. When I remove trust from the root certificate (screen shot #1), then reload the page, instead of not being trusted, there's another authority which is vouching for the untrusted one (screen shot #2). ??!!