Closed Bug 1012836 Opened 11 years ago Closed 11 years ago

https://add-ons.mozilla.com shows This Connection is Untrusted

Categories

(Cloud Services :: Operations: Marketplace, task)

Product:
Cloud Services
Component:
Operations: Marketplace
Platform:
x86_64
Windows 7
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: gingerbread_man, Assigned: oremj)

Details

add-ons.mozilla.com uses an invalid security certificate. The certificate is only valid for the following names: static-san.mozilla.org, addons.mozilla.com, autoconfig-live.mozillamessaging.com, autoconfig.thunderbird.net, broker-live.mozillamessaging.com, live.mozillamessaging.com, live.thunderbird.net, nightly.mozilla.org, getfirefox.com, www.getfirefox.com, opensearch-live.mozillamessaging.com, dnt.mozilla.org, support.live.mozillamessaging.com, firefox.com, www.firefox.com, gaming.mozillalabs.com, apps.mozillalabs.com, webmaker.mozillalabs.com, support.mozillamessaging.com, heatmap.mozillalabs.com, videos-cdn.mozilla.net, videos.mozilla.org, planet.mozilla.org, publicsuffix.org, www.publicsuffix.org, static.mozilla.com, mozilla.com, www.mozilla.com, activations.mozilla.com, activations.mozilla.org, firefoxflicks.com, www.firefoxflicks.com (Error code: ssl_error_bad_cert_domain) The above error message shows when attempting to load https://add-ons.mozilla.com. I don't know how anyone might happen upon that URL, but it seems the intention is to have that subdomain redirect to https://addons.mozilla.org and that's clearly not working. Originally reported at https://support.mozilla.org/questions/1001924
Assignee: server-ops → server-ops-webops
Component: Server Operations → WebOps: SSL and Domain Names
Product: mozilla.org → Infrastructure & Operations
QA Contact: shyam → nmaul
Assignee: server-ops-webops → server-ops-amo
Component: WebOps: SSL and Domain Names → Server Operations: AMO Operations
Product: Infrastructure & Operations → mozilla.org
QA Contact: nmaul → oremj
Assignee: server-ops-amo → jthomas
clouserw: can we kill this domain? Looks like it has seen 253 requests in the last day. All from a random spider.
Flags: needinfo?(clouserw)
Assignee: jthomas → oremj
heh, this is a classic. Right up there with http://en-us.www.mozilla.com/ and friends. Umm, I'm pretty sure this was hardcoded in old versions of Fx but I don't remember which ones. I'd say find the oldest version of Fx we officially support, look for "add-ons" in its about:config, and if not, you're good to go. All very much my opinion. :)
It looks like old versions used %LOCALE.add-ons.mozilla.com, but nothing used add-ons.mozilla.com directly.
Removed add-ons.mozilla.com from DNS. *.add-ons.mozilla.com still is valid and points to our PHX1 cluster.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Flags: needinfo?(clouserw)
I think this bug needs to be reopened: en-us.add-ons.mozilla.com uses an invalid security certificate. The certificate is only valid for <a id="cert_domain_link" title="addons.mozilla.org">addons.mozilla.org</a> (Error code: ssl_error_bad_cert_domain) en-us.www.mozilla.com uses an invalid security certificate. The certificate is only valid for the following names: static-san.mozilla.org, addons.mozilla.com, autoconfig-live.mozillamessaging.com, autoconfig.thunderbird.net, broker-live.mozillamessaging.com, live.mozillamessaging.com, live.thunderbird.net, nightly.mozilla.org, getfirefox.com, www.getfirefox.com, opensearch-live.mozillamessaging.com, dnt.mozilla.org, support.live.mozillamessaging.com, firefox.com, www.firefox.com, gaming.mozillalabs.com, apps.mozillalabs.com, webmaker.mozillalabs.com, support.mozillamessaging.com, heatmap.mozillalabs.com, videos-cdn.mozilla.net, videos.mozilla.org, planet.mozilla.org, publicsuffix.org, www.publicsuffix.org, static.mozilla.com, mozilla.com, www.mozilla.com, activations.mozilla.com, activations.mozilla.org, firefoxflicks.com, www.firefoxflicks.com, aurora.mozilla.org, beta.mozilla.org, pontoon.mozillalabs.com (Error code: ssl_error_bad_cert_domain)
(In reply to NoOp from comment #5) > I think this bug needs to be reopened: Sounds like the topic of a new report to me. Filed Bug 1066919
Thanks!
Component: Server Operations: AMO Operations → Operations: Marketplace
Product: mozilla.org → Mozilla Services
You need to log in before you can comment on or make changes to this bug.