"Certificate cannot be trusted" warning in Kazakhstan

Firefox Firefox ბოლოს განახლებული: 87% of users voted this helpful
ჯერჯერობით, ამ სტატიის გადათარგმნაში არავინ დაგვხმარებია. თუ თქვენ უკვე იცით, როგორ იმუშაოთ SUMO საიტზე, შეგიძლიათ ახლავე დაიწყოთ თარგმნა. თუ გსურთ გაიგოთ, როგორ ხდება სტატიების თარგმნა SUMO-სთვის, გთხოვთ, გაეცნოთ აქ.

Internet Service Providers (ISPs) in Kazakhstan have been prompting users to install a government-issued root certificate on their devices. Many users were not aware that the certificate was being used to intercept their network communications, enabling a Man-in-the-Middle (MITM) attack.

The security and privacy of HTTPS encrypted communications in Firefox and other browsers relies on trusted Certificate Authorities (CAs) to issue website certificates only to someone that controls the domain name or website. However, if you install a root certificate manually, you are choosing to trust a certificate that doesn’t necessarily have to follow any privacy and security standards.

For your security, Firefox will block the use of the Kazakhstan root CA certificate, considering it invalid even if you’ve installed it.

See the Mozilla Blog for more information.

How do I know if Firefox has blocked the Kazakhstan root CA certificate?

If you attempt to access a site that responds with this certificate, you will get an error message saying the certificate cannot be trusted.

How do I remove this certificate?

  1. In the Menu bar at the top of the screen, click Firefox and then select Preferences or Settings, depending on your macOS version.Click the menu button Fx89menuButton and select Settings.
  2. Go to the Privacy & Security panel.
  3. Scroll down to the end and click View Certificates.
  4. Under Authorities, select Qaznet Trust network from the list and click Delete.
You may have also installed the root certificate into the operating system (e.g. Windows, Android) of your device. If so, you must also follow instructions specific to your operating system to remove it, or else Firefox may not protect you from this threat.

What can I do to protect my privacy?

  • If you installed the root CA certificate, remove it immediately.
  • Change your passwords to a strong, unique password for each of your online accounts.
  • Research the use of virtual private network (VPN) software, or the Tor Browser, to access the Web. The Electronic Frontier Foundation provides helpful guidance on choosing a VPN (see Choosing the VPN That's Right for You).

დაგეხმარათ ეს სტატია?

გთხოვთ დაიცადოთ...

შესანიშნავი მოხალისეები, რომლებიც ამ სტატიის დაწერაში დაგვეხმარნენ:

Illustration of hands

მონაწილეობა

მიიღეთ და გაუზიარეთ გამოცდილება სხვებს. უპასუხეთ კითხვებს და გაამდიდრეთ ჩვენი ცოდნის წყარო.

ვრცლად