Thursday, November 5, 21:05
Home security Firefox: Changes Root Certificate Handling Procedures in Windows

Firefox: Changes Root Certificate Handling Procedures in Windows

Mozilla will change how Firefox handles root certificates in Windows, said David Keeler, Mozilla Engineer.

Few are Firefox users who know about the browser's certificate store, a place where the browser saves digital certificates used in the process of creating encrypted communications.

Firefox: Changes Root Certificate Handling Procedures in Windows

In Windows, Firefox keeps its own certificate store, which is different from the Windows certificate store that Microsoft uses for Internet Explorer and Edge, and for the applications installed on the computer.

The fact that, in Windows, Firefox only uses its own certificate store and does not retrieve information from the Windows certificate database, it leads to situations where, in some business environments, Firefox users will not be able to connect to websites, while others browsers they will be able to.

This is typically the case with managed enterprise networks where system administrators install root certificates on Windows computers in order to access private networks and applications.

A Firefox user attempting to access a web page using a private root certificate will not be able to validate and access because Firefox will not know or trust the certificate, effectively preventing the user.

All this is about to change and Keeler says that starting with Firefox 49, the browser will also check the underlying Windows certificate store for root certificates if it meets unknown CAs.

Firefox will not automatically trust all root certificates which will be in the Windows certificate store, but only by the certificate issuing authorities responsible for the TLS web server certificate issuance.

To use this new feature, users must type "access: config”In their address bar to access a dedicated Firefox settings page. There they should look for the “security.enterprise_roots.enabled”And double-click to activate it.

Keeler says users will not be able to manage all certificates from the Firefox certificate store. If they want to remove one of the certificates and refrain from trusting HTTPS links to malicious websites, they should look for the certificates Windows if they do not find the fake certificate in the Firefox settings. Additionally, it adds that this can change and Firefox can automatically insert root Windows certificates into a future version.

Η Mozilla is ready to release Firefox 49 on September 13. Below you can see a screenshot of the Windows Firefox certificate store:

firefox-screenshot

LEAVE ANSWER

Please enter your comment!
Please enter your name here

LIVE NEWS

Researchers have discovered 75.000 files on second-hand USB drives

Security researchers have discovered 75.000 "extremely sensitive" documents on used USB devices, which were auctioned off on eBay.

How to restart a Google TV device

It is not uncommon for devices to stop working as they should. In many of these situations, a simple ...

Chesapeake Medical Center: 23.000 patient information reports

A data breach that affected Chesapeake Medical Center in Virginia, USA, resulted in the exposure of sensitive information about ...
00:02:47

An unknown person transferred $ 1.000.000 worth of bitcoin from a bitcoin wallet!

About $ 1 billion in bitcoin has been transferred from a mysterious wallet that has been in obscurity since 2015. The transfer of about ...

The National Guard cybersecurity team is assisting the UVM Medical Center with the hack

The cyber security unit of the Vermont National Guard will help the University of Vermont Medical Center put in ...

Expenditure on smart city technologies will increase by 22,7% by 2025

Research firm Frost & Sullivan has released a new report that analyzes global spending on smart city technologies that will ...

23,600 compromised databases leaked to the internet

More than 23.000 compromised databases are available on hacking forums and Telegram channels, with security experts saying it is ...

Watch Dogs: Legion was hacked and the source code was released on the internet

Watch Dogs: Legion is a Ubisoft game set recently released in London and has to do with hacking ....

How to disable Pop-up Blocker in Chrome

The appearance of pop-ups while browsing the web can be annoying, but sometimes you want to see pop-ups ....

Russian hacker arrested by Russian authorities for targeting locals

Russian authorities arrested a malware creator in late September, causing surprise as Russia is a country that is usually lenient ...