Firefox 71 has a new Certificates Viewer - gHacks Tech News

ADVERTISEMENT

Firefox 71 has a new Certificates Viewer

Mozilla plans to introduce a new Certificates Viewer in Firefox 71. The new viewer is enabled by default in recent Firefox Nightly builds already.

The majority of websites use the Uniform Resource Identifier scheme HTTPS to encrypt connections; more precisely, the communication protocol is encrypted using TLS or SSL. HTTPS protects against man-in-the-middle attacks and eavesdropping provided that the certificate that is used is trusted and that cipher suites without weaknesses are being used.

Internet users who want to verify certificates that sites use may use certificate viewers to do so. Firefox users have three options to do so:

  1. Right-click anywhere on the page and select Page Info. Switch to the Security tab and select View Certificate.
  2. Click on the icon next to the address, then on the arrow next on the next page close to the connection info part of the interface, then on More Info, and finally on View Certificate.
  3. Open the Developer Tools using F12, switch to Network, reload the page, and select the elements that you want to check. Switch to Security there to display certificate information.

These three methods will still be available when Firefox 71 is released on December 12, 2019.

Firefox's new Certificates Viewer

firefox new certificate viewer

Mozilla plans to introduce the new Certificates Viewer in Firefox 71. Nightly is the only version of Firefox that is already at that version and users of the cutting edge version of Firefox may test the new Certificates Viewer already.

Tip: a preference is used to determine whether the old or new Certificates Viewer is launched when Firefox users select the option. You may edit the preference security.aboutcertificate.enabled on about:config to enable (True) or disable (False) the new viewer for certificates once it is integrated in the Firefox version that you run. You can follow this bug to monitor the implementation and this bug to follow development.

The redesigned Certificates Viewer opens in its own tab in Firefox instead of its own window. The viewer users the about:certificate URI but you cannot open it without specifying a certificate. Mozilla developed it using modern web technologies and the open source WebExtension Certainly Something as its blueprint.

The native Certificates Viewer looks practically identical to the Firefox add-on; the only information bit that is missing is the handshake part that the extension displays on top of the certificates listing.

The Certificates Viewer displays all relevant information when you launch it including validity, fingerprint, public key, and issuer information. The switch to displaying certificate information in a tab ensures that information display well regardless of browser or screen size; additionally, since the display is not restricted anymore to the boundaries of the popup window that Firefox uses to display it currently, more information is displayed at the same time on the screen if the size of the tab is large enough for that.

Now You: do you use a Certificates Viewer in your browser of choice? What is your take on the new implementation?

Summary
Firefox 71 has a new Certificates Viewer
Article Name
Firefox 71 has a new Certificates Viewer
Description
Mozilla plans to introduce a new Certificates Viewer in Firefox 71. The new viewer is enabled by default in recent Firefox Nightly builds already.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: »

Comments

  1. Thor said on August 27, 2019 at 12:58 pm
    Reply

    Why? Was anything wrong with the old viewer? How about fixing the “Print” function. That *is* severely broken!

    1. April King said on August 27, 2019 at 5:13 pm
      Reply

      Yes, the old certificate viewer only showed about a third of a certificate’s information. It was missing very important information, such as CT log entries.

      It was also contained in a tiny window dating from the early 2000s and depended on a bunch of XUL and other old code that was difficult to maintain.

      1. Tom Hawack said on August 27, 2019 at 6:41 pm
        Reply

        @April King, I see on AMO that you’ve developed already together with Mozilla the ‘Certainly Something (Certificate Viewer)’ extension. Is it this very extension which is planned to be integrated natively in Firefox 71?

      2. April King said on August 27, 2019 at 7:52 pm
        Reply

        Yep, exactly. That’s the extension that is getting pulled into Firefox natively. :)

    2. Flotsam said on August 28, 2019 at 1:33 am
      Reply

      @ Thor

      People still print stuff? How quaint! I can’t remember the last time I printed something. Probably about the same time I last burned a DVD.

  2. Tom Hawack said on August 27, 2019 at 3:26 pm
    Reply

    I don’t know how to interpret a Certificate, hence no dedicated viewer, hence FF71 announced new Certificate Viewer would be as useful for me as getting into an aircraft’s cockpit.

    I do understand the pertinence of secured connections, the fact that a Certificate may be baloney, but that’s about all. I use an extension which requires no knowledge and will only check the security status of secured sites, ‘CheckMyHTTPS’, but that won’t explain how to read an SSL Certificate, it’s just a tool.

    I observe security inflation. After unsecured http the big thing was getting sites to https. Now we know that https is not enough, is not reliable, it may be spoofed. What’ll be next?

  3. Airin said on August 27, 2019 at 4:06 pm
    Reply

    It should be TLS (Transport Layer Security), not TSL.

    1. Martin Brinkmann said on August 27, 2019 at 5:50 pm
      Reply

      Thank you!

  4. Sker said on August 27, 2019 at 4:48 pm
    Reply

    I want to remove “trusted” certificates like anything from china,netherlands,turkey etc. not only for the session, permanently from the browser. How should i do that?

    Typo: “TSL”

    1. Martin Brinkmann said on August 27, 2019 at 5:49 pm
      Reply

      Thank You!

  5. John Fenderson said on August 27, 2019 at 5:29 pm
    Reply

    I use my browser’s certificate viewer on occasion, to confirm that all is well when I’m changing or installing my own certs. The new viewer looks fine to me (the old viewer looked fine as well).

  6. Anonymous said on August 28, 2019 at 10:47 am
    Reply

    A cert viewer is only useful to me when checking the strength of a ciphersuit before logging into a website, so to ascerain forward secrecy on my passwords is maintained.

  7. PD said on August 28, 2019 at 10:52 am
    Reply

    Good to see, well overdue.

  8. Mike said on August 30, 2019 at 12:59 am
    Reply

    I’ve been using the openssl command-line tool to retrieve the certificate from a web site and parse it that way. But it’s clumsy, even for a command-line native. This new viewer looks much better and is easy to use. If I understand the location bar correctly, I could even view local .crt files by simply pulling out the hex codes, stringing them together and then opening ‘about:certificate?cert=’+the_cert_string, which would be fantastic.

  9. Anonymous said on September 6, 2019 at 1:17 pm
    Reply

    I’m still missing extensions that rate the grade of the SSL/TLS connection. My two favorite addons

    Calomel SSL Validation
    https://calomel.org/firefox_ssl_validation.html

    and

    SSleuth
    https://github.com/sibiantony/ssleuth (see also: )

    are not available on modern Firefox anymore. :-( Maybe “IndicateTLS () can fill the gap in the future. Is anyone aware of other alternatives to SSleuth or Calomel SSL validation?

  10. Anonymous said on September 6, 2019 at 1:39 pm
    Reply

    Two further links that I had included in my previous posting concerning SSleuth and Indicate TLS are missing. I give them here as reference again, i.e the text fragment “(see also: )” should point to https://github.com/sibiantony/ssleuth/issues/78 and “Indicate TLS ()” should link to https://addons.mozilla.org/en-US/firefox/addon/indicatetls/

    1. Tom Hawack said on September 13, 2019 at 3:05 pm
      Reply

      I’ve been as well a user of Calomel before switching to Sleuth, before FF57 of course.
      The IndicateTLS Firefox extension seems interesting, maybe with a greater extension than I first thought now that I dig a little more into its potential.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.