Update: Mozilla has issued a temporary fix for this issue. More information given at the end of the article.
Mozilla Firefox users are discovering that all of their addons were suddenly disabled. It turns out that this is being caused by an expired intermediary certificate used to sign Mozilla addons.
In numerous reports on Reddit, Twitter, and bug reports on bugzilla, users were stating that their Mozilla addons were suddenly disabled with a message stating that they "could be verified for use in Firefox".
If they tried to reinstall the addons from the Firefox add-on site they are shown an error stating "Download failed. Please check your connection."
From my tests, I was able to install some addons, but not others. This could be due to addons being signed by a different certificate that had not expired.
According to a bugzilla bug report, an intermediate signing certificate used to sign Mozilla addons expired on 5/4/19 at midnight UTC. As Mozilla addons have to be signed in order to be used in Firefox, once a computer reached that time the browser automatically disabled the addons.
The last post in this bug report is from Kevin Brosnan, a senior quality assurance engineer at Mozilla, who stated that they are aware of the problem and are looking into it.
Getting your addons working again
If addons are not that important to you, you can just wait for Mozilla to resolve the issue and your addons will start working again.
For those who do not want to wait and want to enable their installed extensions immediately, you have a few options:
Method 1: Turn your clock back a few days
The easiest method is to just turn your clock back a few days so that the certificate is not expired.
While this will work, it will also mean any site you go to with a certificate that expired today would work as well, your emails from a local mail client will have the wrong date, and some sites may show the wrong date.
Method 2: Install Firefox Nightly or Developer builds
Another option is to install the Developer or Nightly version of Firefox as these versions have the ability to disable the signature requirement for extensions.
To do this from the Developer or Nightly builds, you can go to about:config and search for xpinstall.signatures.required. Once at the setting, you should toggle the setting to false by double-clicking on it.
Once this setting is set to false, you should be able to use your disabled addons again.
Method 3: Enable addon debugging
A reader has offered the additional suggestion of enabling debug mode and installing the extensions locally from their XPI file.
"Just go to 'about:debugging' and check the box 'addon debugging', then load in the xpi file for the addons you need. Works for everyone and much less convoluted than the above mentioned workaround."
You can download addons directly from the Firefox Add-on site by right-clicking on the Add to Firefox button and select Save Link As... as shown below.
Update 5/4/19 10:25 AM EST: Mozilla has stated that they are issuing a temporary fix through their Studies system. This system allows them to push out changes to Firefox without performing a full upgrade.
In order to use the Study system, you need to make sure it is enabled under Firefox Preferences -> Privacy & Security -> Allow Firefox to install and run studies as shown below.
In order to see if the addon fix has been installed by Firefox, you can go to about:studies and look for a study called "hotfix-update-xpi-signing-intermediate-bug-1548973" in the Active studies or Completed studies list. You may also see a study called "hotfix-reset-xpi-verification-timestamp-1548973" in the Active or Completed studies as well.
If the hotfix is installed, you can disable the studies again if you no longer wish to receive them and your addons should be working again.
Comments
ddeerrff - 5 years ago
I've stayed at v55 because I don't like the newer gui's. Most of my addons have been disabled. I have "xpinstall.signatures.required" in the config, but setting it to false makes no difference. Very pissed at this point.
NickAu - 5 years ago
Yup just found out the hard way
https://www.bleepingcomputer.com/forums/t/697101/firefox-disabled-addons/
respoda - 5 years ago
Just go to 'about:debugging' and check the box 'addon debugging', then load in the xpi file for the addons you need. Works for everyone and much less convoluted than the above mentioned workaround.
Lawrence Abrams - 5 years ago
Added it as a suggestion to the article.
Ittechwiz - 5 years ago
FIX: so far I have been able to fix all of my clients by removing lastpass from firefox, closing firefox, changing the date on the computer to 5/2, reopening firefox and then re-adding the lastpass add in, it works, I then changed the date back to normal , I have also closed firefox and reopened and the add in and it still works.
Annaa - 5 years ago
What is lastpass?
forum11 - 5 years ago
A popular password manager.
Artillain - 5 years ago
I tried installing ublock origin from github. In both recent releases, firefox said that the file is corrupt. Beginning to think Firefox shut out all the browsers on purpose.
Annaa - 5 years ago
Firefox disabled all my add-ons and extensions. Went to their website to download approved ad block and it said was corrupted. Can't download any ad blockers. Off to Chrome.
forum11 - 5 years ago
For people that don't want the FF configuration hassle, temporarily using another browser might be the best temporary solution. Maybe check back with FF in a few days.
jmwoods - 5 years ago
I restored my backed up profile, restarted Firefox, and all add-ons were visible and working at this time.
buddy215 - 5 years ago
My Firefox extensions are working this morning....NoScript....Adblock Plus.
NoScript was one mentioned as being blocked. My OS is Ubuntu. My clock is
correct.
buddy215 - 5 years ago
https://discourse.mozilla.org/t/certificate-issue-causing-add-ons-to-be-disabled-or-fail-to-install/39047
12:50 p.m. UTC / 03:50 a.m. PDT: We rolled-out a fix for release, beta and nightly users. The fix will be automatically applied in the background within the next few hours, you don’t need to take active steps.
In order to be able to provide this fix on short notice, we are using the Studies system. You can check if you have studies enabled by going to Firefox Preferences -> Privacy & Security -> Allow Firefox to install and run studies.
You can disable studies again after your add-ons have been re-enabled.
We are working on a general fix that doesn’t need to rely on this and will keep you updated.
Home Categories FAQ/Guidelines Terms of Service Privacy Policy
firefoxlisper - 5 years ago
When using "Method 3: Enable addon debugging" the downloaded plugins are not automatically enabled. You must do that manually:
On page "about:config" click button "Load temporary Add-on"
A file picker menu appears.
Go to the directory where you have saved the addons.
Double click the desired xpi file.
Repeat this step for all plugins you want to enable.
ranchhand_ - 5 years ago
I can't believe Mozilla did this. NoScript, the single best security utility out there (!), Cookie Auto Delete, DuckDuckGo Privacy Essentials, Google Analytics Blocker, uBlock Origin, all gone.
Didn't they even test their own changes first before publishing???
Artillain - 5 years ago
Things are fixed for me this morning. I am glad it was a screwup, and not what i had suspected. I'll continue to use firefox because i am truly concerned about google's browser monopoly.
Bullwinkle-J-Moose - 5 years ago
Everything works for 5-10 minutes after bootup
ALL plugins were disabled 2 minutes ago in Windows so I rebooted to Linux and they now work again for a few more minutes
Saturday (1P.M.)
Also, my copy of Windows is using Shadow Defender so it is basically Read Only and ALL plugings are re-enabled for about 10 minutes after every reboot
When booting to an unprotected copy of Windows or Linux, Plugins are disabled after 10 minutes and stay disabled after reboots
britechguy - 5 years ago
All my add-ons (including uBlock Origin) have been working fine since I hopped on this morning, and I have not restarted Firefox since before "the incident' occurred.
Mozilla seems to have handled this unexpected issue promptly and transparently, which I all I can ask for. Perfection in software is never going to be achieved, and every once in a great while something like this happens. I simply use one of the other browsers until the fix gets pushed out.
CmmTch - 5 years ago
How hard can it be to keep up with renewing a certificate(s) when you are Mozilla? It's not Steve Job in a garage, an error like this isn't a software problem/issue, it's an easily prevented amateurish mistake that affected who knows how many FF users. I tried their fix of 'allowing Studies', nothing happened, the study never flowed to me. I found this blog https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/ The 3rd response in that blog has a fix, it worked for me after installing, rebooting, was able to reinstall ABP (Adblock Plus with no issues)
[quote] Samuel Vuorela wrote on May 4, 2019 at 9:20 am:
Why not just post a link to the fix that can be installed WITHOUT enabling Studies? This sounds like a clever plan to get more people to share their data via Studies…
The fix in question can be installed by clicking this link [1]. It’s signed by Mozilla.
Thanks to user gpm at Hacker News, who posted this tip [2].
[1] https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi
[2] https://news.ycombinator.com/item?id=19826903
[/quote]
komokwapj - 5 years ago
TU
no muss, no fuss fix
szemet1 - 5 years ago
v66.0.3
Enabled 'Studies', took for about 20 minutes to receive the hotfix, disabled 'Studies'.
Now all the add-ons are working again.
Zitch - 5 years ago
Easy Fix (for me)...Around 5 PM today, (5/4/19).I noticed UBlock Origin was no longer working. Tried to fix couple ways, nothing worked Actually could not add ANY adblockers at all !!! Finally went to Firefox/Options/Privacy and security/then UNCHECKED "Prevent accessibility services from accessing your browser" (which I had checked- its NOT default- then I reinstalled UBlock Origin- and it worked fine. Don't know if a fix was in at the same time, but my fix worked. After doing this, I rechecked privacy/prevent/accessibility 5 hours later still working....Ahhhh...computers.......
Zitch - 5 years ago
Noticed that Mozilla announced plans this week to block extentions that contain obfuscated code. I posted my fix above for adblocker problems, but it seems that there is more to come.Not to worry, this has happened before. The codes will get updated,
RosyBear - 5 years ago
Annoying. My Beta for Android add-ons went all blank (no theme and others), while the regular Firefox for Android just disabled ADB (funny thing, I share the very same theme among both phone versions- and on this latter is showing up without problems!).
So don't know what to think. Probably even my desktop Firefox has been affected, but can't check it right now. Btw can't do anything, just have to wait for a dedicated fix.
BeckoningChasm - 5 years ago
Well, my add-ons are all back, but Firefox's performance is just terrible. It's so slow as to be useless. I don't like the look-and-feel of Chrome but I'm starting to think that if Mozilla keeps screwing up like this, I may have to switch.
Zitch - 5 years ago
I am using the desktop version of Mozilla, and it is working fine. Are you using mobile version or desktop? Or both? Mozilla has a refresh feature at Help/Troubleshooting information/Refresh that may work for you. If you have made any changes in ABOUT:CONFIG you will need to redo them, as refresh removes them.Some Windows users have reported slowdowns because of Windows updates to protect against the Spectere/Meltdown exploits, but thats not likely your problem. Recheck all of your Mozilla settings, and Refesh it if needed. Beware of too many addons, could be a conflict ?
Maquett - 5 years ago
Had the same issues yesterday at the beginning of the afternoon, and now on my notebook... One issue is that the YT downloaders work only with Firefox, Chrome does not tolerate any extension for downloading the videos indeed). So ... dead end if no more downloader available for Fox in the next times ???
Tcoates - 5 years ago
I went to the preferences and clicked the boxes as shown but i do not have the "hotfix-update-xpi-signing-intermediate-bug-1548973" in the studies
pcpunk - 5 years ago
I don't use FF as my main browser, but think they fixed it quite fast. If you want really good security then you use FF, and that may entail a few bugs from time to time. All I did was Check for an Update and it was fixed, that was last night. I know, a little late, but as I said I'm not a big FF User, and there were fixes as we see here in this thread quite fast! Thanks to buddy215 for the official documentation.
RosyBear - 5 years ago
Luckily, last night they released v.66.0.4 also for Android. At least I have one healthy browser now.
barleysinger - 5 years ago
It’s *far* worse than that. The browsers that people in oppressive nations use to communicate (with one another, and the press, and authorities in other nations) without being killed is TOR. TOR is based on the Mozilla project. Anything done to Mozilla is also done to TOR.
The safest way to use TOR (if your life is in danger) is to use it on TAILS. TAILS is a stand alone OS that can boot from a USB stick on a whole lot of machines. It has provided safety for hundreds of millions of people in oppressive regimes... and for just about every single spy from a western nation. The CIA use TOR to keep their spies safe. They help fund the TOR project.
For TAILS & TOR to work together that certificate HAS to work.
During the period in which TOR has been partially crippled, hundreds of millions of highly vulnerable people around the world have been advertising who they are to oppressive regimes without knowing it.
You know all of those reports that mange to get out of places like North Korea, China? They come from using TOR with TAILS.
When MOZILLA let that certificate expire...TAILS no longer worked properly with TOR, so there was no longer a seriously safe way to communicate. .. and nobody knew it.
Pretty much every western spy uses TALKS with TOR. So do people in North Korea, Saudi Arabia, and China. And now those governments know exactly who the "trouble makers" are.
A whole lot of people are going to be jailed, tortured, or just plain murdered. Hooray for Mozilla, the company of idiocy and irresponsible actions.
I believe that it is extremely likely that the expiry of that certificate was not an accident. Some idiotic manager with limited technical ability, and with far too much power for their intelligence, made a decision to try and force Firefox users away from older versions of the browser and older add-ons. The company has been being difficult in that direction for a while now.
Bullwinkle-J-Moose - 5 years ago
They would be great points, except what you are saying is not true!
I was online with XP-SP2 without any Microsoft security updates and the plugins were "NOT" disabled on a very old Firefox edition
Newer versions of Windows like Spyware Platform 10 had the plugins disabled within 10 minutes, and that I think we can agree on
ddeerrff - 5 years ago
Add-on signing was not required before (I think) version 43.
firefoxlisper - 5 years ago
Today Ubuntu rolled out a firefox update that resolved the problem. All plugins are enabled after launch again.
Lawrence Abrams - 5 years ago
Have a link to any info about this update?
firefoxlisper - 5 years ago
No, I do not have a link. I simply noted it when running my daily security update routine on my local pc. I am regularly using Ubuntu Desktop.