ScaleCraft said

jscher2000 said

Or, if you trust me, you can download from my site here: https://www.jeffersonscher.com/sumo/signingca1addonsmozillaorg_20190504.crt

No idea if it worked or not. Selected the last block (software?) hit go, window went away, add-ons still borked.

The post listed a 3-step process. Please continue with step 2 in the process:

(2) Clear the time Firefox last re-verified

This will set Firefox up to check much sooner than it otherwise would check.

(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(B) In the search box above the list, type or paste xpi- and pause while the list is filtered

(C) Right-click the app.update.lastUpdateTime.xpi-signature-verification preference and click Reset on the context menu

(3) Restart Firefox

You can exit Firefox normally, then start it up again. In my tests, it took less than 60 seconds for Firefox to verify my extensions.

okay....I have studiously avoided ANY checks on last update time. I don't WANT updates on ANYTHING unless I initiate them (rare). I have the window open, ready to do..something. I just want FF to ignore me, not change things, not update things. I was able to replace a couple of add-ons, four of five still disabled.

I looked deeper....mine is already set to 1557107014 and I did find a reset button. Different..I am used to double clicking to get true/false. Again, what does reset give me? Is it just a start fresh with the fix?

There have been Firefox updates released to address this issue (66.0.4 and 60.6.2 ESR). Users of older (unsupported) Firefox versions will have to install this new intermediate certificate via other ways for now. You can check for updates via Help -> About Firefox

See also: Mozilla Add-ons on Twitter: "The current plan is to push an update to update versions older than 64, but the current ETA is sometime Monday"

• https://twitter.com/mozamo/status/1124698401046577153

So, the push is to update. For the millions of XP users (by MicroSlime's own admission, four times as many XP users as all of 8) who cannot go further than 52ESR...now what?

ScaleCraft said

jscher2000 said

(2) Clear the time Firefox last re-verified
This will set Firefox up to check much sooner than it otherwise would check.
(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.
(B) In the search box above the list, type or paste xpi- and pause while the list is filtered
(C) Right-click the app.update.lastUpdateTime.xpi-signature-verification preference and click Reset on the context menu
(3) Restart Firefox

I looked deeper....mine is already set to 1557107014 and I did find a reset button. Different..I am used to double clicking to get true/false. Again, what does reset give me? Is it just a start fresh with the fix?

It's not a true/false, it's a number, so double-clicking will pop a box where you can edit it.

That timestamp equates to May 5, 2019 6:43:34 PM Pacific time. That means Firefox will next try to re-verify your extensions 24 hours later.

• If you want to accelerate the process of re-verification so Firefox does it now, with the new certificate, then right-click > Reset the preference, exit and restart Firefox.

• If everything is back to normal now, then no need to do that, you're done.

Okay, I'm starting to understand how Mozilla thinks.

BTW, there were 5 add-ons that would not come back, but now loading is enabled, and I found older versions and loaded them. I think I need to find the actual downloads and save them elsewhere.

Do you know how to absolutely kill FF ability to check or update my computer ever again? They abandoned XP, it's all I use, and I do not want to spend another weekend trying to get this to work again.

If you don't, I'll figure it out like I did with MicroSlime after the WGA debacle.

It's been what, 10 years since the last MS update on this box, my 8 laptop was last updated the week I got it.

cor-el said

You can run this code in the Browser Console to install the intermediate certificate.

• "3-bar" menu button or Tools -> Web Developer
• https://developer.mozilla.org/en-US/Tools/Browser_Console

You can verify success in the Certificate Manager (Authorities tab) under Mozilla Corporation: signingca1.addons.mozilla.org You will also have to reset this pref on the about:config page to trigger a signature check.

• app.update.lastUpdateTime.xpi-signature-verification

---

try {
  let intermediate = "MIIHLTCCBRWgAwIBAgIDEAAIMA0GCSqGSIb3DQEBDAUAMH0xCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMS8wLQYDVQQLEyZNb3ppbGxhIEFNTyBQcm9kdWN0aW9uIFNpZ25pbmcgU2VydmljZTEfMB0GA1UEAxMWcm9vdC1jYS1wcm9kdWN0aW9uLWFtbzAeFw0xNTA0MDQwMDAwMDBaFw0yNTA0MDQwMDAwMDBaMIGnMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTTW96aWxsYSBDb3Jwb3JhdGlvbjEvMC0GA1UECxMmTW96aWxsYSBBTU8gUHJvZHVjdGlvbiBTaWduaW5nIFNlcnZpY2UxJjAkBgNVBAMTHXNpZ25pbmdjYTEuYWRkb25zLm1vemlsbGEub3JnMSEwHwYJKoZIhvcNAQkBFhJmb3hzZWNAbW96aWxsYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC/qluiiI+wO6qGA4vH7cHvWvXpdju9JnvbwnrbYmxhtUpfS68LbdjGGtv7RP6F1XhHT4MU3v4GuMulH0E4Wfalm8evsb3tBJRMJPICJX5UCLi6VJ6J2vipXSWBf8xbcOB+PY5Kk6L+EZiWaepiM23CdaZjNOJCAB6wFHlGe+zUk87whpLa7GrtrHjTb8u9TSS+mwjhvgfP8ILZrWhzb5H/ybgmD7jYaJGIDY/WDmq1gVe03fShxD09Ml1P7H38o5kbFLnbbqpqC6n8SfUI31MiJAXAN2e6rAOM8EmocAY0EC5KUooXKRsYvHzhwwHkwIbbe6QpTUlIqvw1MPlQPs7Zu/MBnVmyGTSqJxtYoklr0MaEXnJNY3g3FDf1R0Opp2/BEY9Vh3Fc9Pq6qWIhGoMyWdueoSYa+GURqDbsuYnk7ZkysxK+yRoFJu4x3TUBmMKM14jQKLgxvuIzWVn6qg6cw7ye/DYNufc+DSPSTSakSsWJ9IPxiAU7xJ+GCMzaZ10Y3VGOybGLuPxDlSd6KALAoMcl9ghB2mvfB0N3wv6uWnbKuxihq/qDps+FjliNvr7C66mIVH+9rkyHIy6GgIUlwr7E88Qqw+SQeNeph6NIY85PL4p0Y8KivKP4J928tpp18wLuHNbIG+YaUk5WUDZ6/2621pi19UZQ8iiHxN/XKQIDAQABo4IBiTCCAYUwDAYDVR0TBAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYEFBY++xz/DCuT+JsV1y2jwuZ4YdztMIGoBgNVHSMEgaAwgZ2AFLO86lh0q+FueCqyq5wjHqhjLJe3oYGBpH8wfTELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE01vemlsbGEgQ29ycG9yYXRpb24xLzAtBgNVBAsTJk1vemlsbGEgQU1PIFByb2R1Y3Rpb24gU2lnbmluZyBTZXJ2aWNlMR8wHQYDVQQDExZyb290LWNhLXByb2R1Y3Rpb24tYW1vggEBMDMGCWCGSAGG+EIBBAQmFiRodHRwOi8vYWRkb25zLm1vemlsbGEub3JnL2NhL2NybC5wZW0wTgYDVR0eBEcwRaFDMCCCHi5jb250ZW50LXNpZ25hdHVyZS5tb3ppbGxhLm9yZzAfgh1jb250ZW50LXNpZ25hdHVyZS5tb3ppbGxhLm9yZzANBgkqhkiG9w0BAQwFAAOCAgEAX1PNli/zErw3tK3S9Bv803RV4tHkrMa5xztxzlWja0VAUJKEQx7f1yM8vmcQJ9g5RE8WFc43IePwzbAoum5F4BTM7tqM//+e476F1YUgB7SnkDTVpBOnV5vRLz1Si4iJ/U0HUvMUvNJEweXvKg/DNbXuCreSvTEAawmRIxqNYoaigQD8x4hCzGcVtIi5Xk2aMCJW2K/6JqkN50pnLBNkPx6FeiYMJCP8z0FIz3fv53FHgu3oeDhi2u3VdONjK3aaFWTlKNiGeDU0/lr0suWfQLsNyphTMbYKyTqQYHxXYJno9PuNi7e1903PvM47fKB5bFmSLyzB1hB1YIVLj0/YqD4nz3lADDB91gMBB7vR2h5bRjFqLOxuOutNNcNRnv7UPqtVCtLF2jVb4/AmdJU78jpfDs+BgY/t2bnGBVFBuwqS2Kult/2kth4YMrL5DrURIM8oXWVQRBKxzr843yDmHo8+2rqxLnZcmWoe8yQ41srZ4IB+V3w2TIAd4gxZAB0Xa6KfnR4D8RgE5sgmgQoK7Y/hdvd9Ahu0WEZI8Eg+mDeCeojWcyjF+dt6c2oERiTmFTIFUoojEjJwLyIqHKt+eApEYpF7imaWcumFN1jR+iUjE4ZSUoVxGtZ/Jdnkf8VVQMhiBA+i7r5PsfrHq+lqTTGOg+GzYx7OmoeJAT0zo4c=";
  let certDB = Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB);
  certDB.addCertFromBase64(intermediate, "", "");
  console.log("new intermediate certificate added");
} catch (e) {
  console.error("failed to add new intermediate certificate:", e);
}

@ Cor-el,

I'm running FF 56.0.2 (64 bit) and I am not upgrading either.

I was able to open the Browser Console using Ctrl+Shift+J.

But I cannot see how to get to the, Certificate Manager > Authorities Tab > Import Command

Please see my screenshot.

What to I click to get to the Certificate Manager?

As I am not a techie or programmer please reply with exact instructions on what to click, etc.

Thanks!

JohnDohe said

cor-el said

You can verify success in the Certificate Manager (Authorities tab) under Mozilla Corporation: signingca1.addons.mozilla.org

@ Cor-el,

I'm running FF 56.0.2 (64 bit) and I am not upgrading either.

I was able to open the Browser Console using Ctrl+Shift+J.

But I cannot see how to get to the, Certificate Manager > Authorities Tab > Import Command

It's on the Options/Preferences page. If you have the design with the search box at the top of the page, enter cert and the page should filter down to the Certificates section and you can click the "View Certificates" button.

Then in the little dialog, click on the Authorities tab to show that list.

jscher2000 said

JohnDohe said

cor-el said

You can verify success in the Certificate Manager (Authorities tab) under Mozilla Corporation: signingca1.addons.mozilla.org

@ Cor-el,

I'm running FF 56.0.2 (64 bit) and I am not upgrading either.

I was able to open the Browser Console using Ctrl+Shift+J.

But I cannot see how to get to the, Certificate Manager > Authorities Tab > Import Command

It's on the Options/Preferences page. If you have the design with the search box at the top of the page, enter cert and the page should filter down to the Certificates section and you can click the "View Certificates" button.

Then in the little dialog, click on the Authorities tab to show that list.

Ah, ok, got it!

Now . . . what should I do?

Thanks!

JohnDohe said

Ah, ok, got it! Now . . . what should I do?

The critical first step is to run the code in the Browser Console to add the certificate.

The Certificate Manager option was to see whether the certificate got added successfully.

Then do steps 2 and 3 here: https://support.mozilla.org/questions/1258275?page=2#answer-1219738

jscher2000 said

JohnDohe said

Ah, ok, got it! Now . . . what should I do?

The critical first step is to run the code in the Browser Console to add the certificate.

The Certificate Manager option was to see whether the certificate got added successfully.

Then do steps 2 and 3 here: https://support.mozilla.org/questions/1258275?page=2#answer-1219738

Hi,

I sincerely thank you for bearing with me, but I don't want to do something that will make a mess.

I am not a programmer or techie.

"The critical first step is to run the code in the Browser Console to add the certificate."

All well and good, and for someone who knows what this is and how to do it its great!

But for the rest of us we need exact and detailed instructions.

Click here, type this, kind of instruct.

Please see my screenshot of my Browser Console in my Mac.

Thanks!

Hi JohnDohe, this thread is very long now so I've lost track of where the exact directions are, sorry. If you trust me, you can install the certificate with a single click from my web server instead of using the console method.

https://www.jeffersonscher.com/sumo/signingca1addonsmozillaorg_20190504.crt

In the dialog, leave all the checkboxes blank -- this isn't for websites or whatever those other ones were -- and click OK.

Then check the Preferences page to see whether the certificate arrived.

jscher2000 said

JohnDohe said

Ah, ok, got it! Now . . . what should I do?

The critical first step is to run the code in the Browser Console to add the certificate.

The Certificate Manager option was to see whether the certificate got added successfully.

Then do steps 2 and 3 here: https://support.mozilla.org/questions/1258275?page=2#answer-1219738

Hi!

Also, what do I look for in Certificate Manager to see whether the certificate got added successfully?

Thanks!

JohnDohe said

Also, what do I look for in Certificate Manager to see whether the certificate got added successfully?

See attached.

jscher2000 said

Hi JohnDohe, this thread is very long now so I've lost track of where the exact directions are, sorry. If you trust me, you can install the certificate with a single click from my web server instead of using the console method. https://www.jeffersonscher.com/sumo/signingca1addonsmozillaorg_20190504.crt In the dialog, leave all the checkboxes blank -- this isn't for websites or whatever those other ones were -- and click OK. Then check the Preferences page to see whether the certificate arrived.

Oh s_it!!

Your instruct to leave all options unchecked was after the link and the instruct to install it if I trusted you!

Before reading your whole post that followed your link, I clicked the link, saw the options and checked each one of them!

How to un-check all those options now that they're in?

-(

JohnDohe said

Before reading your whole post that followed your link, I clicked the link, saw the options and checked each one of them! How to un-check all those options now that they're in?

Hi JohnDohe, I learned of this problem in cooking class. Always read the entire recipe first before you start. :-)

If you select (highlight) the certificate in the viewer, does an Edit Trust button become enabled? If so, click that and uncheck the boxes there. If your version doesn't have that, you can delete the certificate, but you will have to quit/restart Firefox before trying to add it again.\

jscher2000 said

JohnDohe said

Before reading your whole post that followed your link, I clicked the link, saw the options and checked each one of them! How to un-check all those options now that they're in?

Hi JohnDohe, I learned of this problem in cooking class. Always read the entire recipe first before you start. :-)

If you select (highlight) the certificate in the viewer, does an Edit Trust button become enabled? If so, click that and uncheck the boxes there. If your version doesn't have that, you can delete the certificate, but you will have to quit/restart Firefox before trying to add it again.\

Hi!

(You're so right about reading! I'm the first one to advise same!)

"If you select (highlight) the certificate in the viewer . . . ".

Which certificate?

What "Certificate Name" do I look for?

Thanks!

JohnDohe said

"If you select (highlight) the certificate in the viewer . . . ". Which certificate? What "Certificate Name" do I look for? Thanks!

The Authorities list is alphabetical by issuer. Look for Mozilla Corporation as the issuer, and highlight the only certificate under that.

jscher2000 said

JohnDohe said

"If you select (highlight) the certificate in the viewer . . . ". Which certificate? What "Certificate Name" do I look for? Thanks!

The Authorities list is alphabetical by issuer. Look for Mozilla Corporation as the issuer, and highlight the only certificate under that.

YES!

Unchecked them all!

Thanks!!!

-)))