(new Soapbox())->shout(array_map('strtoupper', $opinions)); //Shaun's blog


Me, elsewhere

GitHub
parseword
Miscellaneous public code

Twitter
@parseword
I don't tweet much

XMPP chat
xmpp@shaunc.com
(Pidgin, Miranda, Swift, etc.)


Perfect is the enemy of good enough.

Armagaddon2 interim fix for Firefox 56 and other old versions

Posted May 04, 2019 by shaun

Update

Reddit user megalomaniacs4u has found a more elegant solution that you probably want to try first. It achieves the same goals (importing a good certificate, re-verifying your add-ons) in fewer, easier steps.


Original post

This is an interim fix for Armagadd-on 2.0 on Firefox 61, 56, and potentially other old versions. As of this writing, Mozilla's official hotfix XPI doesn't work on these versions, so manual workarounds are needed.

This process successfully reactivated my extensions on Firefox 61 and Firefox 56 under Windows. It also worked on an old copy of Firefox 48 for Mac OS X. I can't promise that your add-ons won't be disabled again in the future, but this might get them working for now.

There are two objectives: one, get a working Mozilla signing certificate imported into Firefox; and two, tell Firefox to re-verify your extensions. You must complete all of the steps below. Use this guide at your own risk. Make a backup of your Firefox profile directory before beginning.

Part One - Install Mozilla's unexpired signing certificate

  1. Download the stand-alone "intermediate hotfix update" XPI from here (right-click, Save Link As...). Don't install it - save the file to your computer.

  2. Extract the XPI. It's a ZIP file, you can use 7-zip or your archiver of choice to unzip it.

  3. In the extracted directory, open the experiments\skeleton\api.js file using your text editor.

  4. Look for the line that starts let intermediate = "MIIHLTCCBRWgA..... The long string inside quotation marks is a base64-encoded certificate file issued to Mozilla. Copy the string without the quotation marks, making sure to include the equals sign at the end.

  5. Paste that string into this online base64 decoder. Under "What to do with the source data," choose the "export to a binary file" radio button, and set mozilla.cert as the filename. Click "convert the source data" and save the resulting file to your desktop as mozilla.cert.

  6. In Firefox, go to Tools > Options > Privacy & Security. Scroll down to the "Certificates" section and click the "View Certificates" button.

  7. In the Certificate Manager, flip to the "Authorities" tab and click "Import." Choose to import the mozilla.cert file you saved previously. On the import dialog, make sure to enable the "identify websites" and "identify software makers" trust levels. (You can leave "identify email users" un-checked.)

Part Two - Tell Firefox to re-validate your add-ons

  1. In Firefox, go to about:profiles and find the entry for "Root Directory," and click the "Open Folder" button. This will open an Explorer window with your Firefox profile directory.

  2. Exit Firefox.

  3. Back in Explorer, look in the Firefox profile directory for a file named extensions.json. Make a backup copy of this file. You can just copy/paste it in the same directory and rename the copy to extensions.json.bak.

  4. Open extensions.json in a capable text editor. Windows built-in Notepad isn't a good idea. If you don't have a good developer's editor, consider Notepad++, there's a zipped no-installer version you can easily delete later.

  5. With extensions.json open in your text editor, you want to run two Replace All commands:

    • Replace all "signedState":-1 with "signedState":2

    • Replace all "appDisabled":true with "appDisabled":false

    These settings flag your extensions to be re-verified when Firefox runs again.

  6. Save the extensions.json file and exit your text editor.

  7. Start Firefox and go to Tools > Add-ons.

  8. Previously disabled extensions should have a green message about "This add-on will be enabled when you restart." Don't restart yet. Instead, manually click "Disable" and then "Enable" for all of the affected add-ons. Some of them will enable right away; a few may still give a message about restarting.

  9. After you've toggled all the affected add-ons, restart Firefox. If all went well, your extensions should be back in action.

Thanks to c borghi from this bugzilla comment which inspired my troubleshooting.



Recent articles

📰 Resolving "The lang/perl5.24 port has been deleted: Has expired" portmaster error

📰 Armagaddon2 interim fix for Firefox 56 and other old versions

📰 Strange DNS queries: qname "miep", qtype ANY

📰 Undeliverable as addressed: A massive broken spam campaign?

📰 Using WITH_META_MODE and ccache for FreeBSD build boosts

📰 Resolving subversion error E000013: Unable to create pristine install stream

📰 Enhancements to SmokePing's AnotherDNS probe

📰 Generating vanity DNSSEC key tags

📰 DDoS involving forged packets from 23.225.141.70

📰 Website integrity monitoring through version control

📰 SpamAssassin 3.4.2 fixes security problems, adds HashBL and phishing plugins

📰 Bug or turf war? ICQ via Pidgin now fails with "startOSCARSession: Request Timeout"

📰 🎂

📰 SFSQuery, a PHP class to query the StopForumSpam API and DNSBL

📰 Resolving portmaster error "pkg-static: automake-1.16.1 conflicts with automake-wrapper-20131203"

▲ Back to top | Permalink to this page