- CentOS: Disable Unneeded Services at Boot Time
- Screenshot: Untrust CNNIC from Mac OS's Keychain Access
- Remove CNNIC CA
- SANS Security Awareness Tips
- Secure Your Web Browsers
- Secure Firefox With Seven Key Add-Ons
- Configure PHP Securely
- Use Limited User Account on Windows
- Security Configuration Guides
- Set up SSH Tunneling on a Linux Workstation
Screenshot: Remove CNNIC from Firefox and Thunderbird
voyageur | February 4, 2010 - 30 weeks 2 days
Instead of removing CNNIC certificates from your system, we should mark them as "untrusted". This way, when your system updates its cerficates, they will not slip in. As a precaution, you might need to form the habit of checking the trusted certficates installed in your system periodically.
In Firefox/Thunderbird, click "Edit" (or Tool) -> Preference -> Advanced -> Encryption -> View Certificates. Then scroll down to find the "CNNIC" cert under root as well as under "Entrust.net". Select the cert, click "Edit", and the uncheck the three checkboxes. Do this on all CNNIC certs you find.
The screenshot below shows you how to find the CNNIC root cert and mark it as untrusted (Click on the image to see enlarged version):
The screenshot below show you how to find the CNNIC cert under Entrust.net (Click on the image to see enlarged version):
Recent comments
2 weeks 5 days ago
3 weeks 6 days ago
7 weeks 4 days ago
32 weeks 4 days ago
33 weeks 3 days ago
44 weeks 3 days ago
45 weeks 5 days ago
1 year 2 weeks ago
1 year 2 weeks ago
1 year 3 weeks ago