Med anledning av Firefox ‘death sentence’ threat to TeliaSonera over gov spy claims plitade några av oss, tillsammans med systersvärmen GHS, ihop några olika steg för hur du redan nu kan välja bort TeliaSoneras certifikat.

BROWSERS (in no particular order)

Opera (Windows, GNU/Linux, OSX)
Note: (Browsers on OSX uses the built in Keychain Access)

  • (Settings ->) Preferences -> Advanced -> Security
  • Click “Manage certificates…”
  • Open tab “Authorities” (always question these)
  • Look for “TeliaSonera Root CA v1″ and/or anything Sonera
  • Click “View”
  • Uncheck “Allow connections to sites using this certificate”
  • Click OK and exit preferences

KDE, Konqueror & Rekonq etc (border-line system-wide)

  • K-menu -> Applications -> System -> System Settings (or find a quicker way there)
  • Click SSL Preferences
  • Look for any Telia or Sonera certificate
  • Click in the checkbox before the certificate name so it gets unchecked
  • Click Apply

Firefox/Iceweasel/Pale Moon (Windows, GNU/Linux, FreeBSD etc.)

  • Edit -> Preferences/Settings -> Advanced -> Encryption -> View/Show Certificate
  • Open tab “Authorities”
  • Look for Sonera
  • Use “Edit..” (“Delete or Distrust” may not be enough on some platforms*)
  • Uncheck everything!

* If you’re running a Linux-based/Unix-like system, chances are Firefox gets the Sonera certificates from /etc/ssl/certs. If you are running Debian, Ubuntu or another Debian derivate, see dpkg-reconfigure below. For Windows the browser uses your settings made in “View/Show Certificate” as stated above – distrust makes the browser show a warning message. Someone please confirm this for OSX.

Chromium on ArchLinux:

  • Press the menu-button in the upper right corner.
  • Select Settings at the bottom of the menu.
  • Scroll to the  bottom and click the “Show advanced settings…” text.
  • Scroll to HTTPS/SSL and press the “Manage certificates…” button.
  • Go to the Authorities-tab.
  • Search for Sonera by pressing CTRL+F and typing Sonera into the search box.
  • Select the certificates one at a time and press “Edit…”, then uncheck all boxes and press OK. When you’ve done that for both certificates the browser will start complaining when you try to access sites with encrypted connections signed with the Telia Sonera certificate.


Debian GNU/Linux:
Removed through dialog interface using dpkg.
# dpkg-reconfigure -p low ca-certificates
Uncheck the following certificates:
   * /etc/mozilla/Sonera_Class_1_Root_CA.crt
   * /etc/mozilla/Sonera_Class_2_Root_CA.crt

ArchLinux all browsers without SSL cache:
$ sudo find /etc/ssl -iname ‘*sonera*’ -execdir rm {} \;
..or whatever, just remove /etc/ssl/certs/?onera*, you’re running Arch, ya’ll know whatcha doin’, rite?

OSX Firefox, Safari, Chrome (all browsers) uses the built in Keychain Access utility to handle SSL certificates

  • Applications -> Utilities -> Keychain Access
  • Search for Sonera



Any comments, thoughts, suggestions, improvements, etc. highly appreciated.


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Set your Twitter account name in your settings to use the TwitterBar Section.
Creeper MediaCreeper