With versions of Chrome 77 and Firefox 70 (released 10/22/2019), designers decided to remove the green "lock" , which signals the presence of a TLS certificate. Moreover, advanced verification EV certificates are no longer allocated .
But the developers of Firefox 70 left the opportunity to return to the familiar interface. And a green indicator, and a separate line indicating the company for EV-certificates. As with all other Firefox settings, this is done very simply - by changing the setting in about: config .
Green indicator
- Enter about: config in the address bar.
- Press the button βI accept the riskβ.
- In the search bar at the top, find the security.secure_connection_icon_color_gray parameter.
- Change its value to false .
The changes will take effect immediately; a browser restart is not required. On all sites with TLS certificates, a green indicator will reappear.
To put the gray icon again, you can always change the setting back.
EV certificates
This field can also be returned back.
- Go back to about: config .
- Now find the security.identityblock.show_extended_validation parameter.
- Set its value to true .
It was:
It became:
Extended Validation Certificate (Extended Validation, EV) - A type of HTTPS certificate in which the certification authority performs an additional verification of the domain owner by binding the domain to the legal entity. Browser designers have removed this indicator to optimize the browser interface, since the long address bar does not fit on the screens of mobile devices.
Google conducted a study based on which it concluded that the rejection of EV does not reduce security. At the same time, a survey on HabrΓ© showed that 51.3% of users trust EV certificates more than ordinary TLS certificates (although only 146 users voted). The CA Security Council also considers it a mistake to remove EV from the address bar.
By the way, in the version of Firefox 71 (December 2019), a more modern tool for viewing Certificate Viewer certificates will appear, which shows full information about the HTTPS connection, certificate, keys, certificate authority and so on. The interface has already been enabled by default in the Nightly version:
The built-in Certificate Viewer was modeled after the open source extension Certainly Something (Certificate Viewer) , which pulls information through the TLS Info API in Firefox.
Little bonus
For sites without encryption, Firefox 70 displays a gray strike indicator with a strikeout. For greater expressiveness, you can add the inscription "Not protected" to this icon. This is done by changing the security.insecure_connection_text.enabled setting.
It was:
It became:
It's nice that the developers of Firefox provide various options for customizing the interface and do not force everyone to use a unified uniform UI.
SPECIAL CONDITIONS for PKI solutions for enterprises are valid until 11/30/2019 under the promo code AL002HRFR for new customers. For details, contact the managers +7 (499) 678 2210, sales-ru@globalsign.com.