Is there a way to make Firefox ignore invalid ssl-certificates

Question

I am maintaining a few web applications  The development and qa environments use invalid outdated ssl-certificates   Although it is generally a good thing  that Firefox makes me click like a dozen times to accept the certificate  this is pretty annoying   Is there a configuration-parameter to make Firefox  and possibly IE too  accept any ssl-certificate   EDIT  I have accepted the solution  that worked  But thanks to all the people that have advised to use self-signed certificates  I am totally aware  that the accepted solution leaves me with a gaping security hole  Nonetheless I am to lazy to change the certificate for all the applications and all the environments     But I also advice anybody strongly to leave validation enabled

User · Answer

I ran into this issue when trying to get to one of my companies intranet sites. Here is the solution I used:

enter about:config into the firefox address bar and agree to continue.
search for the preference named security.ssl.enable_ocsp_stapling.
double-click this item to change its value to false.

This will lower your security as you will be able to view sites with invalid certs. Firefox will still prompt you that the cert is invalid and you have the choice to proceed forward, so it was worth the risk for me.

User · Answer

Create some nice new 10 year certificates and install them  The procedure is fairly easy   Start at  1B  Generate your own CA  Certificate Authority  on this web page  Creating Certificate Authorities and self-signed SSL certificates and generate your CA Certificate and Key  Once you have these  generate your Server Certificate and Key  Create a Certificate Signing Request  CSR  and then sign the Server Key with the CA Certificate  Now install your Server Certificate and Key on the web server as usual  and import the CA Certificate into Internet Explorer s Trusted Root Certification Authority Store  used by the Flex uploader and Chrome as well  and into Firefox s Certificate Manager Authorities Store on each workstation that needs to access the server using the self-signed  CA-signed server key certificate pair   You now should not see any warning about using self-signed Certificates as the browsers will find the CA certificate in the Trust Store and verify the server key has been signed by this trusted certificate  Also in e-commerce applications like Magento  the Flex image uploader will now function in Firefox without the dreaded  Self-signed certificate  error message

User · Answer

Instead of using invalid outdated SSL certificates  why not use self-signed SSL certificates   Then you can add an exception in Firefox for just that site

User · Answer

Go to Tools   Options   Advanced  Tab       Encryption Tab  Click the  Validation  button  and uncheck the checkbox for checking validity  Be advised though that this is pretty unsecure as it leaves you wide open to accept any invalid certificate  I d only do this if using the browser on an Intranet where the validity of the cert isn t a concern to you  or you aren t concerned in general

User · Answer

Try Add Exception  FireFox -  Tools -  Advanced -  View Certificates -  Servers -  Add Exception

User · Answer

Using a free certificate is a better idea if your developers use Firefox 3   Firefox 3 complains loudly about self-signed certificates  and it is a major annoyance

User · Answer

If you have a valid but untrusted ssl-certificates you can import it in Extras Properties Advanced Encryption --  View Certificates  After Importing ist as  Servers  you have to  Edit trust  to  Trust the authenticity of this certifikate  and that  it   I always have trouble with recording secure websites with HP VuGen and Performance Center

User · Answer

The MitM Me addon will do this - but I think self-signed certificates is probably a better solution

User · Answer

For a secure alternative  try the Perspectives Firefox add-on  If this link doesn t work try this one  https   addons mozilla org en-US firefox addon perspectives

[firefox] Is there a way to make Firefox ignore invalid ssl-certificates?

Examples related to firefox

Examples related to ssl