Certificate Pinner

Certificate Pinner

Pins TLS certificates of configured web pages and interrupts/alerts when a new certificate is presented. Adds a button to the browser's toolbar for pinning and unpinning.

Certificate Pinner promo image
What is Certificate Pinner?

Certificate Pinner is a Firefox add-on by Heurekus. This add-on has 92 daily active users and a good user rating of 4.33. The latest version, 0.17.10, was updated 3 years ago.

Stats date:
Users: 92
Rating: 4.33 (9)
Version: 0.17.10 (Last updated: 2020-07-10)
Creation date: 2019-06-18
Weekly download count: 6
Firefox on Android: Yes
Manifest version: 2
  • notifications
  • tabs
  • activeTab
  • storage
  • webRequest
  • webRequestBlocking
  • <all_urls>
Size: 33.13K
Email: Click to see
URLs: Website
Risk impact: High risk impact
Risk likelihood: Low risk likelihood
Found a bug?

Other platforms

Not available on Chrome
Not available on Edge
This add-on allows to selectively 'pin' TLS certificates of web pages. Whenever a page is loaded and the connection is TLS encrypted, it compares the fingerprint of the presented TLS certificate to the one that is stored. If they don't match, the TLS authentication process is interrupted before any local secrets such as session cookies, passwords, etc. are sent to the server. A tab is opened with a warning and details of the new certificate so the user can decide if the change is genuine. If so, the old fingerprint is replaced with the new fingerprint in local storage. A new button in the browser's toolbar opens a pop-up menu to pin and un-pin page certificates and to get a list of all pinned certificates.
Risk impact

Certificate Pinner requires a number of risky permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install Certificate Pinner if you trust the publisher.

Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypass your security settings, and access your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

Risk likelihood

Certificate Pinner has earned a fairly good reputation and likely can be trusted.

Risk likelihood measures the probability that a Firefox add-on may turn malicious. This is determined by the publisher and the Firefox add-on reputation on Firefox Browser Add-ons, the amount of time the Firefox add-on has been around, and other signals about the Firefox add-on. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Firefox add-on, especially ones with higher risk impact and/or higher risk likelihood.

Subscribe to the premium plan to see more risk analysis details
User reviews
Not working with ip addresses (only with domains)
by Harliff, 2023-02-08
View all user reviews