Where does Firefox store cerificates and how to delete one?
Posted
by majid4466
on Super User
See other posts from Super User
or by majid4466
Published on 2010-04-30T08:48:49Z
Indexed on
2010/04/30
20:49 UTC
Read the original article
Hit count: 153
Hi all,
The root cause of my problem is not known to me, whatever it is, I experience frequent DNS failures. When it happens I cannot browse to my Gmail inbox. I use two DNS settings. One is the public DNS server offered by OpenDNS, and the other is Google's free DNS server. When this happens I switch from the active setting to the other one and the problem goes away. But there is a side effect to this. When browsing to Gmail fails to load, after switching the DNS I receive an error saying the security certificate the site uses is only valid for OpenDNS.
This my wild guess at what is going on:
- OpenDNS fails to resolve mail.google.com to its IP,
- My ISP sends me a page showing search results for 'mail.google.com'
- Since I have received some sort of page instead of a timeout, the browser, mistakenly, binds the certificate it has cached for 'mail.google.com' to the new domain. This search page is not served by https so not exception is thrown by the wrong binding
- After switching the DNS, the domain is correctly resolved to Gmail server's IP and since his is on https the handshake is triggered.
- Now, because of the wrong binding, which passed quietly as no handshake was involved, I receive the error saying the certificate used by 'mail.google.com' is only good for openDNS
I don't know much about DNS, less about https and the process of establishing a secure connection. How correct is my explanation? How can I delete the wrong association and/or the certificate?
Thanks for listening.
P. S. The problem goes away by itself, but sometimes it takes several hours before Gmail works again.
© Super User or respective owner