All of my Firefox extensions were spontaneously and simultaneously disabled (converted to Legacy status) a few moments ago.

How can I re-enable them?

Firefox 66.0.3 (64-bit)

The intermediate code signing certificate expired. This means that all add-ons signed with the cert are no longer trusted. In this case the browser is doing it's job.

Mozilla will need to get the add-ons resigned and/or push a new cert out. Work is in progress to fix it. There is no resolution at this time unless you are on a developer code branch which you can go into about:config and set xpinstall.signatures.required to false.

This will not work for most users and if you don't set it back may put you at some security risks. Best option is to wait this out. I imagine they will have this fixed in a few hours.

https://bugzilla.mozilla.org/show_bug.cgi?id=1548973

This issue is due to a mass expiration of addon certificates. As others have mentioned, a fix is in the works.

To temporarily re-enable addons, you can navigate to about:config and set "xpinstall.signatures.required" to false.

This will re-enable any addons installed that have expired certificates, but it is not recommended to keep enabled long-term. I recommend turning it off as soon as the issue is resolved.

You can resolve this by disabling signature checking.

Signature checking is a security feature. Disabling it makes Firefox less secure. Once Mozilla gets their certificate issue resolved, it's recommended that you remove this code to re-enable signature checking. With this code installed to disable signature checking, you should be careful to only install extensions that you fully trust (e.g. ones that are hosted on Mozilla Add-ons).

Note: the rest of this answer is copied from my answer to How can I disable signature checking for Firefox add-ons? on Stack Overflow, but with information about how to disable signature checking in releases of Firefox < 57 removed.

Disable add-on signing check in Release (all) versions of Firefox

Firefox version 66+ (probably 60+)

The following instructions will disable signature checking on Firefox for the Firefox profile in which you install the files. You are going to be adding some files to the chrome directory under your Firefox Profile directory.

I've tested this on Firefox 66.0.3+.

IIRC, some slightly different code was needed for Firefox 65, I believe I left that code in disable-add-on-signing.js when I modified it for Firefox 66, but I'm not sure about that.

We're going to use a technique which allows you to run arbitrary JavaScript code in the browser context from files stored in your Firefox profile directory. I found how to do this from Haggai Nuchi's GitHub repository: Firefox Quantum compatible userChrome.js.

On Windows, your Firefox profile directory will be %appdata%MozillaFirefoxProfiles[profileID]. If you have only one profile, the [profileID] will be the only directory in the %appdata%MozillaFirefoxProfiles directory. If you have multiple profiles, you will need to select the one(s) you want to install this hack into.

Once you get to your profile directory, your will need to create a directory called chrome, if it does not already exist. You will be adding the 3 files below to that directory:

• userChrome.css


• userChrome.xml


• disable-add-on-signing.js

You will then need the following code in userChrome.css, which is available from Haggai Nuchi's GitHub repository:

/*Enable userChrome.js */
/* Copyright (c) 2017 Haggai Nuchi
Available for use under the MIT License:
https://opensource.org/licenses/MIT
*/

@namespace url(http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul);

toolbarbutton#alltabs-button 
 -moz-binding: url("userChrome.xml#js");

You will need userChrome.xml (slightly modified from the version available in Haggai Nuchi's GitHub repository):

<?xml version="1.0"?>
<!-- Copyright (c) 2017 Haggai Nuchi
Available for use under the MIT License:
https://opensource.org/licenses/MIT
 -->
<!-- This has been slightly modified from the version available from
https://github.com/nuchi/firefox-quantum-userchromejs/blob/master/userChrome.xml
by Makyen. The modified version is released under both the MIT and CC BY-SA 3.0 licenses.
 -->

<bindings id="generalBindings"
 xmlns="http://www.mozilla.org/xbl"
 xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
 xmlns:xbl="http://www.mozilla.org/xbl">

 <binding id="js" extends="chrome://global/content/bindings/toolbarbutton.xml#toolbarbutton-badged">
 <implementation>
 <constructor><![CDATA[
 function makeRelativePathURI(name) 
 let absolutePath = Components.stack.filename;
 return absolutePath.substring(0, absolutePath.lastIndexOf("/") + 1) + name;
 
 // The following code executes in the browser context,
 // i.e. chrome://browser/content/browser.xul
 try 
 Services.scriptloader.loadSubScript(makeRelativePathURI("disable-add-on-signing.js"), window);
 catch(e) 
 console.error(e);
 
 ]]></constructor>
 </implementation>
 </binding>
</bindings>

You will also need disable-add-on-signing.js:

//This should be installed as the file disable-add-on-signing.js in
// your profile's "chrome" directory.

//Earlier versions of Firefox
try 
 Components.utils.import("resource://gre/modules/addons/XPIProvider.jsm", ).eval("SIGNED_TYPES.clear()");
 catch(ex) 
try 
 Components.utils.import("resource://gre/modules/addons/XPIInstall.jsm", ).eval("SIGNED_TYPES.clear()");
 catch(ex) 
try 
 Components.utils.import("resource://gre/modules/addons/XPIDatabase.jsm", ).eval("SIGNED_TYPES.clear()");
 catch(ex) 

//Tested on Firefox 66
const XPCOMUtils = ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
XPCOMUtils.defineLazyModuleGetters(this, 
 XPIDatabase: "resource://gre/modules/addons/XPIDatabase.jsm",
);
XPIDatabase.SIGNED_TYPES.clear();

console.log('Add-on signing disabled.');

After adding these files in your profile's chrome directory, you will need to restart Firefox. You can verify that the code is running by looking for "Add-on signing disabled." in the Browser Console.

Add-ons which were disabled or removed by Firefox will not be automatically enabled. You will need to re-install them. You can install them by draging-and-droping the *.xpi file onto a Firefox window and confirming that you want to install.

If you are wanting to get the *.xpi file for any particular extension from Mozilla Add-ons you can download it by right clicking on the "install" button and selecting "Save As", or "Remove".

Results

With the current release version of Firefox, I've been using this solution for a while now to have a few extensions I built for my own use installed and to test new versions of extensions I'm working on (when I want to test in the Release version instead of Firefox Developer Edition or Nightly).

NOTE: In about:addons Firefox may show (under some conditions) the add-on as enabled (not greyed-out), but have text stating that the add-on "could not be verified and has been disabled". The text is not accurate! The add-on is enabled and functioning.

How it works

[This is an explanation of older code, but the current code is very similar.]

Within resource://gre/modules/addons/XPIProvider.jsm the const SIGNED_TYPES is defined as a Set. In order for an add-on to require signing, its type must be a member of that Set. The Set.prototype.clear() method is used to clear all entries from the Set. This results in no add-on types which require signing (code 1, code 2).

If you wanted to, you could individually disable the signature check for any of the types: "webextension", "extension", "experiment", or "apiextension".