If anyone got their addons disabled in Firefox here's fix

  • Download certificate file hxxps://files.catbox.moe/h0vakr.crt
  • Preferences / Privacy & Security / Certificates / View Certificates / Authorities / Import the crt file / Click OK
  • install addons again

It just works

Nevermind Mozilla fixed this, you can delete this certificate

5 years ago*

Comment has been collapsed.

Which browser do you use?

View Results
Firefox
Google chrome
Chromium
Opera
Edge/explorer
Tor Browser
Pale Moon
Otter Browser
Falkon
GNU IceCat
Sphere Browser
Waterfox
Brave
Vivaldi
SlimJet
WebDiscover
SRWare Iron
Iridium Browser
Browser made by some guy that's so obscure it's not even mentioned here
I'm so stupid and I don't even know what browser is (potato?)

Ofc, I do all of my browsing in Curl...

5 years ago
Permalink

Comment has been collapsed.

Huh. I figured you for a Emacs type of guy

5 years ago
Permalink

Comment has been collapsed.

I tell you my horrible secret...

I use Eclipse and Nano...

5 years ago
Permalink

Comment has been collapsed.

5 years ago
Permalink

Comment has been collapsed.

it works !! :D thxxxxxxxxx

5 years ago
Permalink

Comment has been collapsed.

For me it fixed itself (most likely from Mozilla team) an hour ago when I started using the pc.

5 years ago
Permalink

Comment has been collapsed.

disabled privacy settings and enabled studies ..now addons work again...o.O

5 years ago
Permalink

Comment has been collapsed.

Another quick(er) fix: https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/comment-page-6/#comment-226171
Works. You can even have Normandy (the "backdoor" into your preferences) disabled in about:config.

5 years ago
Permalink

Comment has been collapsed.

You should post the official workaround in the OP instead of that one: https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/

5 years ago
Permalink

Comment has been collapsed.

It doesn't even work for me

5 years ago
Permalink

Comment has been collapsed.

I restarted Firefox and it worked a few seconds after it.

5 years ago
Permalink

Comment has been collapsed.

I turned studies on about 2 hours ago, still waiting for the fix to kick in.

5 years ago
Permalink

Comment has been collapsed.

Deleted

This comment was deleted 5 years ago.

5 years ago
Permalink

Comment has been collapsed.

Have you restarted the browser?

5 years ago
Permalink

Comment has been collapsed.

Sure. They do warn that it's not an insta-fix though:

It may take up to six hours for the Study to be applied to Firefox.

5 years ago
Permalink

Comment has been collapsed.

Try this alternate solution then, it's semi-official.

5 years ago
Permalink

Comment has been collapsed.

Instant fix here, instead of using Studies, and sharing data with Mozilla.

5 years ago
Permalink

Comment has been collapsed.

I have been using Chrome for so many years that I forgot Firefox even existed.
No one using Netscape Navigator anymore? :P

5 years ago
Permalink

Comment has been collapsed.

I uninstalled it, and reinstalled it. Fixed the issue, plus it remembered all my saved logins, bookmarks, etc. It was weird.

5 years ago
Permalink

Comment has been collapsed.

I just had to toggle something in the about:config and everything was fine again.

5 years ago
Permalink

Comment has been collapsed.

This may be a valid fix, but from a security standpoint trusting a random certificate into your browser is not a good idea. Better to wait for Mozilla to provide their fix.

5 years ago
Permalink

Comment has been collapsed.

I was careless enough to not think about it... can anyone look into the certificate to check if is alright?

5 years ago
Permalink

Comment has been collapsed.

that's something to do prior than posting a public download link for a certificate.

i'd edit that description, if i were you.

5 years ago
Permalink

Comment has been collapsed.

?
I'm not OP, i just installed the certificate (and it also worked btw).

5 years ago
Permalink

Comment has been collapsed.

lol... sorry then!

i'll try to post it in the right place... :P

5 years ago
Permalink

Comment has been collapsed.

The above certificate is legit. If you wanna manually check:

  • download the hotfix xpi file (hotfix-update-xpi-intermediate@mozilla.com-1.0.2-signed.xpi) you can find the link on reddit
  • open in 7zip extract the file "experiments/skeleton/api.js"
  • you'll find the certificate base64-encoded in a string: "MIIHLTCCBRWgA...<..snip..>..AT0zo4c="

You can export the certificate as DER file using:

$ echo <<..long-base64-string..>> | base64 --decode > certificate.der

or convert it to PEM file (like the one supplied above):

$ openssl x509 -in certificate.der -inform der -out certificate.pem -outform pem

And verify the certificate:

$ openssl x509 -in certificate.der -inform der -noout -text
$ openssl x509 -in certificate.pem -inform pem -noout -text

which is indeed a Mozilla AMO root certificate for signing addons.

That being said, NEVER trust or install certificates randomly from the internet!

5 years ago
Permalink

Comment has been collapsed.

Can I use this method to put this certificate to FF 56.0.2 manualy as a solution? i installed this hotfix to firefox 56.0.2 but it deleted addons again anyway. Needet to use script to regain them:
// For FF < v57 >...?
async function set_addons_as_signed() {
Components.utils.import("resource://gre/modules/addons/XPIProvider.jsm");
Components.utils.import("resource://gre/modules/AddonManager.jsm");
let XPIDatabase = this.XPIInternal.XPIDatabase;

  let addons = await XPIDatabase.getAddonList(a => true);

  for (let addon of addons) {
      // The add-on might have vanished, we'll catch that on the next startup
      if (!addon._sourceBundle.exists())
          continue;

      if( addon.signedState != AddonManager.SIGNEDSTATE_UNKNOWN )
          continue;

      addon.signedState = AddonManager.SIGNEDSTATE_NOT_REQUIRED;
      AddonManagerPrivate.callAddonListeners("onPropertyChanged",
                                              addon.wrapper,
                                              ["signedState"]);

      await XPIProvider.updateAddonDisabledState(addon);

  }
  XPIDatabase.saveChanges();

}

set_addons_as_signed();

5 years ago
Permalink

Comment has been collapsed.

Also in this hxxps://files.catbox.moe/h0vakr.crt link there is good mozilla certyficate too?

5 years ago
Permalink

Comment has been collapsed.

If you follow the steps I posted to extract the certificate from the XPI hotfix, you will get the same "certificate.pem" as the one posted above "h0vakr.crt". So yes it is good.

You probably just have to wait as Mozilla will release a new Firefox version containing the fix. I hear they are also preparing a fix for ESR builds.

5 years ago
Permalink

Comment has been collapsed.

Thank you for a reply.
I guess i can also install this certificate and if it is legit it should be safe?

5 years ago
Permalink

Comment has been collapsed.

You can but again you are trusting a random person on the internet ;)

When it comes to security, paranoia is a good thing!

5 years ago
Permalink

Comment has been collapsed.

If you don't use add-ons, there is nothing to fix! ;)

View attached image.
5 years ago
Permalink

Comment has been collapsed.

And you don't mind being flooded by ads?

5 years ago
Permalink

Comment has been collapsed.

Not only the ad flooding but some of the filters I use in ublock are against much nastier and it does get them. Also I use the Malwarebytes extension to nip things that could be sketchy.

5 years ago
Permalink

Comment has been collapsed.

That other (temporary) fix is pretty neat too (and at least doesn't require installing some unknown certificate): https://www.reddit.com/r/firefox/comments/bkhzjy/temp_fix_for_the_armagaddon_20_for_regular/

5 years ago
Permalink

Comment has been collapsed.

Thank you for posting this, saved me from having to go browse the internet without an adblocker on which is a scary scary thing.

5 years ago
Permalink

Comment has been collapsed.

I just installed Firefox Developer Edition, moved my profile from base firefox and allowed unsigned addons. Should have done that long ago, but was too lazy, so now I had a perfect opportunity.

5 years ago
Permalink

Comment has been collapsed.

It's fixed for me atm.

5 years ago
Permalink

Comment has been collapsed.

They have fixed it.

Did nothing and my add-ons are back.

5 years ago
Permalink

Comment has been collapsed.

I use old version of FF 56.0.2 (before they removed support for some of my favourite extensions). Today was a total disaster. Was able to recover my profile and now it works, but I set different date - not sure what will happen tomorrow:). I wonder if they will make a general fix or only for newer versions? Ryptun does your fix will work also on old FF, maybe it will be only method to repair FF without changing date...

5 years ago
Permalink

Comment has been collapsed.

I'm still using Firefox 50.1.0 from December 2016 and I am only using that new of a version because that was the current version when I updated to Windows 7 from XP :)

I actually use Chrome for SG though, I use Firefox for everything else.

5 years ago
Permalink

Comment has been collapsed.

The issue seems to have been fixed on Mozilla's end.

5 years ago
Permalink

Comment has been collapsed.

Doesn't work ;_;
MY EYEEES

5 years ago
Permalink

Comment has been collapsed.

Not sure if most of the community uses Firefox, or only Firefox users opened the thread to see the poll.
Probably the latter.

5 years ago
Permalink

Comment has been collapsed.

Firefox user stats are mostly marginal worldwide now. Websites are not even optimized for it anymore, which is all on Mozilla for making poor choices and keeping going with them.

5 years ago
Permalink

Comment has been collapsed.

Anyone still having issues, especially with FF v. 66.0.3 on portable? Running this script that DingDong2 posted a reddit link to is what finally worked for me.

5 years ago
Permalink

Comment has been collapsed.

in my opinion you really should edit your description.

awful idea to post a live link to download a certificate in a public forum.

5 years ago
Permalink

Comment has been collapsed.

5 years ago
Permalink

Comment has been collapsed.

Vivaldi

5 years ago
Permalink

Comment has been collapsed.

Sign in through Steam to add a comment.