Rated 5 out of 5 stars
I was hoping to find a Mozilla Add-On which would show the SHA1 fingerprint of every certificate in the chain. ALL OTHER web browsers have that feature, except for Firefox. This feature is important for anyone who wishes to verify that their secure SSL connections are NOT being intercepted by an HTTPS proxy.
I am Steve Gibson of www.GRC.com, and I recently released a new service to show our view of remote servers so that users could compare the certificate fingerprints. Unfortunately, Google has their own intermediate CA, so they generate server certs with abandon. This makes is necessary for users to check the SHA1 fingerprint one step back up the chain... Google's CA. While IE, Chrome, Safari, Opera and others all allow this, ONLY Firefox does not.
IF you would/could add that feature to this otherwise fine product I would point many thousands of my visitors to your add-on for addition to their Firefox browsers.
Rated 5 out of 5 stars
Just the tool I needed. Worked perfectlyThis review is for a previous version of the add-on (1.7).
Improve security Rated 4 out of 5 stars
Just a thought for further security improvement: Certificates are bound to a domain name. The amount of companies that gives certificates based on a root is so large and untrustworthy, that it makes possible to get a certificate for any domain name (like done recently in Netherlands). When also DNS is hacked, one can setup a man-in-the-middle with a certificate. The only extra option is to have an extension that forces a match between certificate, domain name and (a range of) ip addresses. These addresses can be checked with dnsstuff etc. Checking the email address of a certificate and recheck it each time might be an other option of additional check.
it's only useful Rated 4 out of 5 stars
This should be a build-in for firefox and thunderbird.
While composing a message at thunderbird, i can "show security information".
There I can't see, which certificate will be used for signing.
Works fantastically! Rated 5 out of 5 stars
I have need to public PEM versions of my public S/MIME certs on my website, but Firefox does not provide this ability. I could use OpenSSL, but that is somewhat of a hassle. Cert Viewer Plus makes the procedure very easy indeed.This review is for a previous version of the add-on (1.2).