Firefox: Expired certificate disables addons (May 4, 2019)

Mozilla[German]Firefox users are currently suffer from a fat bug. The browser disables since May 4, 2019 suddenly extensions (Addons). Background is an expired certificate. Update: Mozilla has just released a fix that will be rolled out in the coming hours (see article end).


Error: Addons suddenly no longer usable

German blog reader Guido B. already contacted me this morning by mail and shared his observations (thanks for that):

I was badly surprised when I just opened my FF and saw my addons disabled. According to a message from FF my extensions are probably not compatible anymore? ?

FF Version: 66.0.3 (64-Bit)

My installed extensions: uBlock Origin ….

For some entries there is a message like this::


Guido writes that he uninstall and reinstall Firefox. But that didn't help. If he tries to download and install one of the addons e.g. uBlock Origin now, the message "Download failed. Please check your connection" occurs – see the red bar in the following (German) screenshot.

Firefox: Download fehlgeschlagen. Bitte überprüfen Sie ihre Verbindung

Also my German blog post Firefox 66.0.3 freigegeben got some user comments, reporting this bug (thanks to all for the feedback). On Bleeping Computer this forum post deals with the bug – and in the social network I recognize the message this morning. Here is a screenshot of an addon status page in FF.


Disabled addons
(Disabled addons, Source: Bleeping Computer forum)

So something serious must have happened – and I didn't recognize, that Firefox has been updated this night.

It's a bug: A certificate is expired

Some hours ago there was an entry All All extensions disabled due to expiration of intermediate signing cert on Bugzilla with a rather banal explanation. A certificate simply expired.

Steps to reproduce:

Wait until it's past midnight on 2019-05-04 UTC.

Actual results:

All addons got disabled due not having valid signature.

Expected results:

If the signature was due to expire, it should have been renewed weeks ago. Not all extensions were disabled. Fakespot and Google Scholar Button were left in their disabled state.

Some reports on reddit 1 says that they had their clocks a day forward, but they may be just early canaries for the actual widespread issue.

Going backwards in time allows installation from AMO but do not remove the unsupported mark from the add ons already installed.

Martin Brinkmann points this out on (I noticed the post on, and at the same time provides an explanation. All Firefox extensions must be signed since Firefox 48 and Firefox ESR 52. Firefox blocks the installation of extensions with invalid or missing certificates.

Since Mozilla's certificate has expired, this now causes problems in the clients. On there is a mega thread on the topic. Currently, users can probably do little – unless they work with Nightly Builds, where the certificate check can be turned off, as Martin Brinkmann writes.

I found this reddit thread where a user suggest to use about:config to go to settings an set xpinstall.signatures.required to false. But my understanding ist, that this only helps in Firefox nightly builds.

According to this reddit thread all we can do: Wait and be patient. Mozilla's developers are working on a fix.

Catalin Cimpanu points out to that this will affect all Firefox users. A short test in my Firefox 66.0.3 portable confirms that I cannot install uBlock Origin.

Tor also affected – partly

Catalin Cimpanu also explicitly names the Tor browser – but I'd like to differentiate a bit after a test. If I call the Tor browser, the standard addons there will work according to my observations (otherwise I would have noticed that this morning).

Tor Addons

If I try to install a new addon in the Firefox of the Tor bundle, I get this message:

Fehler bei Addon-Installation

Some German users send me comments, that their Tor 8.0.8 'just refused to accept addons in Linux', so we only can be patient and wait. Mozilla has set up a status page – but I got 429 Too Many Requests. But I managed to get the page one time displayed. Current status (4.5.2018: 10:15): The Mozilla developers are currently testing a fix, but have deactivated the code signing until the test is successfully completed.

A temporary solution has been posted by one of my blog readers here.

Addendum: Mozilla has provided a fix

Mozilla just announced a fix for the certificate issue that will be automatically distributed to Firefox clients in the next few hours. Here is the tweet.

Cookies helps to fund this blog: Cookie settings

This entry was posted in browser, issue and tagged , . Bookmark the permalink.

9 Responses to Firefox: Expired certificate disables addons (May 4, 2019)

  1. krzemien says:

    Just splendid.

  2. Sheryah says:

    What a mess, I already downgraded to a previous version of Firefox to try to fix this. I already removed some add-ons. Tried to renew others then it gave me error message saying I do not have internet connection. Went to Firefox's Facebook page and saw they opted out of facebook, so there is no communication to us. I uninstalled my virus protector. I was just about to delete Firefox completely and make Chrome my primary browser. Luckily I saw this. Hopefully mine will also be fixed as some of the add-ons I use ALL the time.

  3. Chris Pugson says:

    This even applies to Firefox ESR 45.9.0 which I use with Windows XP. My teeth were well gnashed when Classic Noscript was scuppered. I use this to create custom settings files for Noscript 10 on the latest Firefox versions.

    I had no idea that such old but good and safe addons were living such a precarious existence.

  4. Advertising

  5. dcm1028hk says:

    *** UPDATE**

    I was on 66.0.4 and studies were APPLIED

    But install an older version re-enable the above addons..

    .BUT cannot update to latest versions

    Rest of past not working add-ons WORKING

    Everything BACK TO NORMAL

  6. Firefox 52 esr user says:

    "We rolled out a hotfix that re-enables affected add-ons. The fix will be automatically applied in the background within the next few hours."
    Thank you, but what about older firefox users? This "in the background" fix is for the birds if one has a version older than 57.

    We need a FIREFOX WEBPAGE that has the certificate for download with instructions. It is as simple as that. Not hard, no fanfare, just a certificate as the solution.

    • Fred says:

      Yes. THIS!!
      It seems impossible to get any status about what older ESR version users are supposed to do or even if there IS going to be a fix. Much more silence on this topic fromMozilla and I'll be deleting Firefox and migrating elsewhere.

  7. wyxchari says:

    – For updated Firefox: Options, Privacy & Security, Mark Allow Firefox to install and run studies
    – For old Firefox as v52 esr: about:config, xpinstall.signatures.required, false

  8. Reinhardt says:

    For old Firefox as v52 esr: about:config, xpinstall.signatures.required, false

    Im using latest old firefox 55, that step isn't working. I believe this certified error thing is simply the way Mozilla says "just upgrade your firefox" because a lot of people doesnt upgrade their firefox because of new firefox not compatible with their addons

Leave a Reply

Your email address will not be published. Required fields are marked *