#StackBounty: #firefox #certificate #certificate-authority Remove all certificate authorities from a Firefox profile

Bounty: 100

Objective is to trust only certain certificates stored on the hard disk for that certain profile. Thus no certificate authorities are needed.

Tried without success:

  • Delete all CAs using Certificate Manager (part of Firefox Preferences)
  • Delete cert9.db in the profile
  • Clear cert9.db to 0 bytes and remove all permission flags so that Firefox may not change it

All three measures led to the CAs reappear (though not necessarily in cert9.db, at least if I removed write permissions to that file; but still in Certificate Manager of Firefox).

I wonder where the CAs come from. Does Firefox read them from the Internet if it misses them? I did not expect them to reappear at all.

How can I prevent that behavior?


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.