mozilla
Your Search Results

    cert_override.txt

    cert_override.txt is a text file generated in the user profile to store certificate exceptions specified by the user.  This file is used by Firefox, Thunderbird, and other XUL-based applications.

    Since there is no way to add easily an exception in a XULRunner 1.9 project, you can open the page in Firefox, accept the certificate, then copy the cert_override.txt to the XULRunner application profile.

    The syntax is described on this web site.

    Example

    Here is an example for a SHA1-256 hash algorithm. The key and the website are not valid:

    # PSM Certificate Override Settings file
    # This is a generated file!  Do not edit.
    some.website.com:443	OID.2.16.840.1.101.3.4.2.1	00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:FF:EE:DD:CC:BB:AA:99:88:77:66:55:44:33:22:11:00	U	AAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AAAAAAAAAAAAAAAAAAAAAAAA    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AAAAAAAAAAAAAAAAAAAAAAAAAA==
    

    Fields

    Fields are separated by a tab character. Each line is terminated by a line feed character (UNIX format).

    1. domainname:port : port 443 for HTTPS (SSL)
    2. hash algorithm OID
      • SHA1-256: OID.2.16.840.1.101.3.4.2.1 (most used)
      • SHA-384: OID.2.16.840.1.101.3.4.2.2
      • SHA-512: OID.2.16.840.1.101.3.4.2.3
    3. Certificate fingerprint using previous hash algorithm
    4. One or more characters for override type:
      • M : allow mismatches in the hostname
      • U : allow untrusted certs (whether it's self signed cert or a missing or invalid issuer cert)
      • T : allow errors in the validity time, for example, for expired or not yet valid certs
    5. Certificate's serial number and the issuer name as a base64 encoded string

    Document Tags and Contributors

    Contributors to this page: Sheppy, Yanmorin
    Last updated by: Sheppy,