How to permanently delete root CAs from mozilla products?

Craig White craigwhite at
Sat Sep 17 22:12:34 UTC 2011

On Sat, 2011-09-17 at 16:59 -0300, Fernando Cassia wrote:
> On Sat, Sep 17, 2011 at 16:46, David <dgboles at> wrote:
> > Sure there is. They come with the Firefox and Thunderbird updates. They
> > are named security updates.
> >
> > --
> >
> >  David
> I mean if you accidentally delete good certificates ie AOL, Comodo,
> RSA, there is no way to easily reset certificates to the default state
> other than deinstalling and reinstalling the whole browser.
Firefox => Edit (menu) => Preferences => Advanced (tab) => Encryption
(tab) => View Certificates (button)

Select a certificate in the list - click 'Edit'

You can choose to trust, what to trust or not to trust.

If I understand it correctly, there's no point in 'de-installing' and
're-installing' FF/TB if your profile remains, then the state of your
personal certificates remains. You can create a new profile any time you
want, import/move your bookmarks/cookies/whatever.
> Of course you can wait for future security updates that includes
> updates to the certs, but what if none comes in the next update?.
I think if the certificate is new in an FF/TB update, then it will be
added to your personal (the one in your profile) certificate store,
otherwise, it won't. If it were completely deleted from your personal
certificate store, it might very well be added again the next time you
start either FF/TB.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the users mailing list