Firefox 66.0.4 and 60.6.2 ESR fixes Add-on issue

Mozilla[German]Mozilla’s developers have released Firefox browser updates that fix the certificate issue that leads to Add-on deactivation. Both Firefox 66.04 and Firefox 60.6.2 ESR are available to fix this issue. The Tor browser does not have a fix yet, but you can try a temporary solution. Here is the information you need.


Advertising

The reason for the update

Users of the Firefox browser were unpleasantly surprised on May 4, 2019. An expired developer certificate resulted in digitally signed Add-ons being denied service and deactivated in the browser. New Add-ons could no longer be installed.

Firefox: Download fehlgeschlagen. Bitte überprüfen Sie ihre Verbindung

When trying to download and install one of the Add-ons (e.g. uBlock Origin), the message “Download failed. Please check your connection”. I had blogged about this within the article Firefox: Expired certificate disables addons (May 4, 2019).

Mozilla’s developers then provided within hourss fix for this issue. This fix installs an interim certificate in the browser, so the digitally signed Add-ons ran again. The fix should be installed by Firefox itself – but this didn’t work for all users of ESR versions and also for the normal Firefox versions.

Within my German blog post Fix für Firefox Addon-Problem und ‘Der Download ist fehlgeschlagen’ I had shown how to force the fix to install. Also Mozilla’s developer has a how to Update Regarding Add-ons in Firefox. This approach is still preferable if the following solution in the form of the Firefox update is not to be used.


Advertising

Firefox 66.0.4 released

Already on Sunday the developers started to provide release candidates for Firefox 66.0.4, which contained a certificate fix and could be downloaded via FTP server. You can find the corresponding hints in the German blog post Fix für Firefox Addon-Problem und ‘Der Download ist fehlgeschlagen’. On Sunday evening Mozilla’s developers released a final of Firefox 66.0.4 (see Mike’s comment – thanks for that).

Firefox 66.0.4-Update

For my Firefox 66.0.3 portable I clicked Help – About Firefox in the menu and got the update already offered (see screenshot above). If the update does not come, you can also download and install Firefox 66.0.4 manually.

Then search for the subdirectory (e.g. de) for the desired language and open it with a mouse click. An installer is offered as .exe and .msi file for download. For security reasons you should use the .msi installer.

In the comments (here) the release notes for Firefox 66.0.4 were linked. There it says:

Repaired certificate chain to re-enable web extensions that had been disabled

The update to the new version fixes the certificate problem, so that the addons should be activated again. However, this does not work for all addons. The developers write in the release notes:

  • A small number of add-ons may be listed as unsupported or may not appear in about:addons. Their data is not lost; users should be able to re-install the add-ons and recover the data.
  • If add-ons that use Containers functionality (such as Multi-Account Containers and Facebook Container) were disabled as part of this problem, any lost site data or custom configurations for those add-ons will not be recovered by this release. Users may need to set them up and login again in about:addons.
  • Themes may not be re-enabled. Users may need to re-enable them in about:addons. Home page or search settings customized by an add-on may be reset to defaults. Users may need to customize them again in about:preferences or about:addons.

A German reader suggest to wait, if users don’t need Firefox 66.0.4 urgently. The reason are the known issues mentioned above. Mozilla’s developers has added a paragraph to the blog post Add-ons disabled or failing to install in Firefox, saying:

A Firefox release has been pushed — version 66.0.4 on Desktop and Android, and version 60.6.2 for ESR. This release repairs the certificate chain to re-enable web extensions, themes, search engines, and language packs that had been disabled (Bug 1549061). There are remaining issues that we are actively working to resolve, but we wanted to get this fix out before Monday to lessen the impact of disabled add-ons before the start of the week. More information about the remaining issues can be found by clicking on the links to the release notes above. (May 5, 16:25 EDT)

Firefox ESR 60.6.2 released

Those working with the Extended Support Release (ESR) versions of Firefox can update to Firefox ESR 60.6.2 due to the add-on problem. Blog reader Mike points this out in this comment. The Firefox ESR 60.6.2 can be downloaded from this Mozilla website. The same restrictions apply as for Firefox 66.0.4 (see above).

Fix for Tor browser not yet available

When I wrote this blog post, the Tor bundle, which also gets Firefox as a browser, was still unfixed. When writing the blog post, the Tor browser showed me a yellow warning bar. This tells me that addons are disabled. On the Tor project page, I also found the note ‘NoScript Temporrily Disabled in Tor Browser’:

Tor NoScript-Information

The yellow warning bar no longer appeared the next time I used Tor browser. I then entered about:addons in the address bar and checked the list of addons.

Tor-Addons

The NoScript add-on was missing. This is another add-on of the old type, which was deactivated according to the above statement. This is also shown when I clicked on the link Show extensions of the old add-on type.

NoScript in Tor abgeschaltet

The addon has been disabled because of the certificate issue – Tor browser security is no longer given. If you absolutely need the addons, you can import the certificate manually from the Tor Bundle Firefox browser. The developers have published an English how to, to fix this.

  • Type about:config in the address line and use the search field to search for xpinstall.signatures.required.
  • Change the entry to False by double clicking on it. Then the NoScript add-on is no longer digitally verified.

However, this is only a temporary solution and you will be clearly warned when calling about:addons again.

Tor-Warnung
(Tor-Warning, Click to zoom)

When Tor developers release a new version, repeat the above steps and reset xpinstall.signatures.required to true.

Addendum: Tor browser has been updates on May 7, 2019, see Tor-Browser 8.0.9 released (May 7, 2019)


Advertising
This entry was posted in browser, Software, Update and tagged , . Bookmark the permalink.

6 Responses to Firefox 66.0.4 and 60.6.2 ESR fixes Add-on issue

  1. Dave Page says:

    This is all great news — UNLESS you’re on Windows XP. No mention has been made that the ESR update that fixes this Certificates blunder is only for Win 7/8/10 users (see: https://www.mozilla.org/en-US/firefox/60.6.2/system-requirements/) — the 100s-of-millions of people who still use XP and relied on ESR to continue using FF are now up shit-creek.

    FF ESR 52.9 — works on XP, certificates screwed (no NoScript, no AdBlockPlus).
    FF ESR 60.6.2 — certificates fixed, no longer XP-compatible

    Well-done Mozilla — Micro$oft couldn’t have purged the XP remainers better…

  2. EP says:

    Firefox 67 betas also affected as well.
    update to Firefox 67 beta 17 for those who were beta testing any previous Firefox 67 beta and reinstall any affected addons.

  3. Thomas Fedeneder says:

    Interresting background. Thanks for posting.

  4. Advertising

  5. Dave Page says:

    BUMP:

    “…FF ESR 52.9 — works on XP, certificates screwed.
    FF ESR 60.6.2 — certificates fixed, no longer XP-compatible”

    As they have released a new ‘fixed’ version of ESR that is NON-XP compatible, what is actually going to happen about XP FF users? Is any statement forthcoming from Mozilla or should we simply give up on them and move to another browser?

    Inept, clownish…

Leave a Reply

Your email address will not be published. Required fields are marked *