Hi firefox9, you may have missed the news somehow.

At midnight on May 4th, a critical certificate Firefox uses to verify extension signatures -- necessary to run or install extensions -- expired. In order to restore normality, you need a new certificate.

Official Solutions: Firefox 66.0.4 and Firefox 60.6.2esr have the fix.

If you are not running a current version of Firefox, but it is recent, you might be able to use the "hotfix" delivered via a study. See: Add-ons disabled or fail to install on Firefox.

If you are running an older version, Mozilla is looking at making an extension which will install the new certificate but it's not working yet.

For the time being, you may need to use an **unofficial** and **unsupported** workaround in that case.

Is it so hard to just ask a question about why insert Extensions are disabled instead of jumping to unfounded conclusions.

"why insert Extensions are disabled"?

Does this explain failure to download umatrix? they didn't put a notice of non-compliance on it. there seem to be multiple problems and a distinct direction to them. it would appear mozilla is more concerned with upgrading with silly bells and whistles and leaving security in the dust. from this and other issues it would appear they are aligning with google who has no interest in security or privacy.

Hi firefox9, this problem was not caused by an upgrade. Quite the opposite: an upgrade that installed the new certificate would have prevented this problem from happening.

Anyway, if you want help using or installing extensions, we're here. Check out my first reply.

According to noscript staff the problem does not exist with FF52 only most recent versions. there are multiple problems... and they all point in one direction.

firefox9 said

According to noscript staff the problem does not exist with FF52 only most recent versions. there are multiple problems... and they all point in one direction.

What version are you running? The ESR versions (52 and 60) have a feature to completely disable signature verification, which is not recommended, but if someone has that setting, then they wouldn't be aware of how this certificate expiration problem affects those versions when the default setting is in place.

i am running 60.6.1esr on my main debian machine... what config entries are you referring to? one other nice firefox feature would be an auto update for security patches separate from an auto update for "new features". both should have "notify only" option.

Hi firefox9, the Mozilla builds for Linux (here) have been updated to 60.6.2esr with the new certificate, but individual distribution repositories might not be able to update as quickly due to their various customizations.

would be nice if an open source organization concentrated on open source solutions. would be great for firefox to have an "update" option or better yet "update security" and "update features" feature. i like to use "apt-get install". how hard would it be for mozilla to publish package names? trying to figure out where files go is a bit much to ask for non-administrators.

As a Windows user, I am not familiar with most of that, but I know you have a choice whether you install Firefox from your repo or from Mozilla, and that causes variations in configuration.

Windows? my condolences. NOBODY knows what's going on inside windows. not even microsoft :D Bill Gates, inventor of viruses. ok... dont mean to be mean but no more post here please? it marks thread as answered... thanks