Firefox – How to add a certificate exception for an HSTS-protected site in Firefox

firefoxSecurity

I'm extremely irritated with Firefox's constantly blocking lastpass.com . It is a well known website that stores all my passwords. I need that website to access hundreds of websites.

Side note: Please don't reply back with "you should save your passwords offline" because I decide how I want to manage my passwords. Life is extremely stressful already. Don't add to my stress by giving me crummy advice of storing my passwords offline. It's not practical. I can't carry my notebook everywhere. Services like lastpass are there for a reason.

Here is a screenshot of what I'm seeing:

Screenshot of Firefox blocking website

If the above image is not large enough please right click on image and choose "open image in new tab".

Can someone please tell me how to bypass this problem so that I can get on with my work?

Ideally I would like to disable this cough retarded cough feature in Firefox itself. If that's not possible then I would like to somehow ignore this exception so that lastpass addon can start accessing it's parent site and I can get on with my work.

Best Answer

  • I am going to prefix this answer by saying the following. The only reason you would be getting this error is because you’re using a proxy, which effectively means, all secure http traffic is going through the proxy itself.

    Based on phyrfox's over at Information Security you can do the following.

    You can disable HSTS by introducing a new configuration variable. First, go to the Firefox configuration page (about:config), right-click, choose "New Integer", then provide the name "test.currentTimeOffsetSeconds" (no quotes) with a value of 11491200. This should bypass HSTS, although you may also need to clear the Cache and Active Logins in the Clear Recent History dialog (Ctrl-Shift-Del).

    This apparently works because of a function called GetPreloadListEntry that checks to see if the current time is less than the next list expiration time; since the time is effectively calculated to be later than the expiration time, no check is performed. This effectively disables HSTS checks.

    Can HSTS be disabled in Firefox?