How to add the Kaspersky root certificate to the Mozilla Firefox or Thunderbird certificate storage
This article concerns:
- Kaspersky Basic, Standard, Plus, Premium
- Kaspersky Anti-Virus
- Kaspersky Internet Security
- Kaspersky Total Security
- Kaspersky Security Cloud
- Kaspersky Small Office Security
- Kaspersky Free
With the help of a root certificate the browsers check the security and authenticity of websites. The root certificate also allows to decipher data transmitted between a website and the user's browser.
The majority of third-party applications and browsers use the root certificates from the OS certificate storage. For example, Google Chrome. Some apps use their own certificate storage. For instance, Firefox and Thunderbird.
The Kaspersky root certificate is added to the OS certificate storage upon a Kaspersky application installation. To avoid errors related to the control of encrypted traffic, the Kaspersky application reconfigures Firefox and Thunderbird to make them use the system certificate storage. Thus, before establishing a connection to a website, a browser verifies the website’s security and authenticity using the certificates from the OS certificate storage.
If the browser uses the Mozilla certificate storage, you should add the Kaspersky root certificate to this certificate storage manually. See the guide below. Otherwise the browser will be unable to open HTTPS-pages.
How to add the Kaspersky root certificate to the Mozilla Firefox or Thunderbird certificate storage
- Open Control Panel. For instructions, see Microsoft Help page.
- Open Internet Options.
- Go to the Content tab and click Certificates.
- Go to the Trusted Root Certificate Authorities tab, select the Kaspersky root certificate and click Export.
- Follow the steps of the Certificate Export Wizard.
- Click Next → Next, leave the export settings default.
- In the File name field, enter the full path to the folder to which you want to export the certificate. Specify the name of the file with the extension .cer. For example: С:\Users\Administrator\Documents\Kaspersky Lab.cer
Click Next.
- Click Done.
- Open Mozilla Firefox.
- Click
→ Options.
- Open Privacy and Security, scroll down and click View Certificates.
- Go to the Authorities tab and click Import.
- Select the certificate you got at step 5.
- Select Trust this CA to identify websites and Trust this CA to identify email users. Click OK.
The Kaspersky root certificate will be imported to the Mozilla Firefox and Thunderbird storage.
How to reconfigure Mozilla Firefox and Thunderbird to make them use the system certificate storage
- Open your browser - Mozilla Firefox or Thunderbird.
- If you use:
- Thunderbird: go to Options → General and click Config editor.
- Mozilla Firefox: in the address bar, enter about:config. Click Accept the Risk and Continue.
- In the search field, enter security.enterprise_roots.enabled.
- Click
to toggle the value to true. If the toggle is grayed out, then a Kaspersky application has its settings applied in the browser, and you don't need to make any changes.
- Make sure that the value of the string is true.
Mozilla Firefox and Thunderbird will be reconfigured to use the system certificate storage.