Confirm, administrator
5,526
edits
Changes
m
fixed links
If you don't trust a particular CA whose root certificate is included by default in Mozilla products, then there are two ways to disable the certificate.
# [[PSM:CA/Changing_Trust_Settings#Changing_Root_Certificate_Trust_Settings | Turn off the trust bits for that root certificate.]]# [[PSM:CA/Changing_Trust_Settings#Deleting_a_Root_Certificate | Delete the root certificate.]]
#* Deleting a root certificate that is in the default root store is equivalent to turning off all of the trust bits for that root. Therefore, even though the root certificate will re-appear in the Certificate Manager, it will be treated as though you changed the trust bits of that root certificate to turn them all off.
'''Important:''' This change will have a permanent affect, such that the trust bits for the root certificate can only be changed again by you. This change will not be affected by upgrading to newer versions of Mozilla software. It is strongly recommended that you note which root certificate you modify, so that you can turn the trust bits back on if the change negatively impacts your browsing experience.
[[PSM:CA/Changing_Trust_Settings#Restoring_the_Default_Trust_Settings_for_All_Root_Certificates|How to restore the default trust settings for all root certs]]
=== How can I impact Mozilla's default set of CA certificates? ===
