Certificate Pinner

Pins TLS certificates of configured web pages and interrupts/alerts when a new certificate is presented. Adds a button to the browser's toolbar for pinning and unpinning.

What is Certificate Pinner?

Certificate Pinner is a Firefox add-on by Heurekus. This add-on has 92 daily active users and a good user rating of 4.33. The latest version, 0.17.10, was updated 3 years ago.

Download

Stats

Stats date:

By: Heurekus

View on Firefox Browser Add-ons

Users: 92

Rating: 4.33 (9)

Version: 0.17.10 (Last updated: 2020-07-10)

Creation date: 2019-06-18

Weekly download count: 6

Firefox on Android: Yes

Manifest version: 2

Permissions:

notifications
tabs
activeTab
storage
webRequest
webRequestBlocking
<all_urls>

Size: 33.13K

Email: Click to see

URLs: Website

Risk impact: High risk impact

Risk likelihood: Low risk likelihood

Found a bug?

Other platforms

Not available on Chrome

Not available on Edge

ChromeStats Rank

# 9053 ▼ 15

Other rankings

#25 in winner keyword

#69 in present keyword ▼ 2

#101 in category keyword

#121 in application keyword ▲ 1

#141 in location keyword

Upgrade to see more

Summary

This add-on allows to selectively 'pin' TLS certificates of web pages. Whenever a page is loaded and the connection is TLS encrypted, it compares the fingerprint of the presented TLS certificate to the one that is stored. If they don't match, the TLS authentication process is interrupted before any local secrets such as session cookies, passwords, etc. are sent to the server. A tab is opened with a warning and details of the new certificate so the user can decide if the change is genuine. If so, the old fingerprint is replaced with the new fingerprint in local storage. A new button in the browser's toolbar opens a pop-up menu to pin and un-pin page certificates and to get a list of all pinned certificates.

Product summarizer

Ad copy creator

Analyze keywords

Safety

Risk impact

Certificate Pinner requires a number of risky permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install Certificate Pinner if you trust the publisher.

Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypass your security settings, and access your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

Risk likelihood

Certificate Pinner has earned a fairly good reputation and likely can be trusted.

Risk likelihood measures the probability that a Firefox add-on may turn malicious. This is determined by the publisher and the Firefox add-on reputation on Firefox Browser Add-ons, the amount of time the Firefox add-on has been around, and other signals about the Firefox add-on. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Firefox add-on, especially ones with higher risk impact and/or higher risk likelihood.

Subscribe to the premium plan to see more risk analysis details

Screenshots

User reviews

Not working with ip addresses (only with domains)

by Harliff, 2023-02-08

View all user reviews