Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Wannan tattunawa ta zama daɗaɗɗiya. Yi sabuwar tambaya idan ka na bukatar taimako.

Why are there still preinstalled MD2 Root Certs from verisign with FF3,4,5 ?

  • 3 amsoshi
  • 2 sa na da wannan matsala
  • 187 views
  • Amsa ta ƙarshe daga cor-el

more options

Hi,

i added a verisign root certificate in the troubleshooting section. This cert is signed with an md2 hashing algorithm, as mentioned on the 26c3 in berlin 2009.

It's still enabled by default for WEB, Email and other.

I strongly suggest to remove it, like anyone else did.

Interesstingly, the cryto shell extention from windows says sha1 , but openssl does not mention sha1 at all. I think openssl is right :)

Hi, i added a verisign root certificate in the troubleshooting section. This cert is signed with an md2 hashing algorithm, as mentioned on the 26c3 in berlin 2009. It's still enabled by default for WEB, Email and other. I strongly suggest to remove it, like anyone else did. Interesstingly, the cryto shell extention from windows says sha1 , but openssl does not mention sha1 at all. I think openssl is right :)

All Replies (3)

more options
more options

Nice tool, but it doesn't answere or help with this problem/question.

more options

Do those certificates have a SHA1 fingerprint?

I do not think that Firefox will use the MD5 (MD2?) fingerprint if that is the case.