Closed Bug 1128368 Opened 5 years ago Closed 5 years ago
Revoked cert on services
.addons .mozilla .org breaks about:addons
I saw a report on twitter about a revoked cert on SAMO: https://twitter.com/lusis/status/562064553081847809 and could reproduce the problem, as could ashish. clouserw can't repro: he sees the cert expiring in 2016.
https://www.ssllabs.com/ssltest/analyze.html?d=services.addons.mozilla.org reports "Revocation status Revoked INSECURE"
Thanks for filing, Laura. I was talking about expiration but it looks like that tweet is actually about revocation which would be something else. I can't reproduce this, but will attach a screenshot of the cert I'm seeing. For me, I load https://services.addons.mozilla.org/en-US/firefox/discovery/pane/8.0.1/Darwin and I see the attached cert.
Summary: Reports of revoked cert on services.addons.mozilla.org → Revoked cert on services.addons.mozilla.org breaks about:addons
(In reply to Ashish Vijayaram [:ashish] from comment #1) > https://www.ssllabs.com/ssltest/analyze.html?d=services.addons.mozilla.org > reports "Revocation status Revoked INSECURE" This also affects versioncheck-bg.addons.mozilla.org, versioncheck.addons.mozilla.org which are used for automatic/manual addons update in Firefox.
The same problem also disallows to perform sync in firefox.
User-facing version of the error
Until this is resolved, a quick fix is to turn off the OCSP protocol validation. >You can bypass this by going to Pref->Advanced->Certificates and turn off the OCSP protocol validation. As outlined on the Linux Mint Forum. http://forums.linuxmint.com/viewtopic.php?t=188768&p=977518#p977518 I can both confirm this bug, on Windows 7, and confirm that the work-around works.
Thanks for the report! Our Geotrust/Symantec issued certificate was revoked earlier today. I verified via the CRL provided at http://SVRSecure-G3-crl.verisign.com/SVRSecureG3.crl Serial Number: 5D0596A315ACB95B79C31BD4DFC7046B Revocation Date: Feb 2 01:10:00 2015 GMT After contacting support they had stated that our SSL product expired and was then revoked. I've installed a new certificate on services.addons.mozilla.org and versioncheck.addons.mozilla.org. Let me know if you continue to have issues.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Looks like it is fixed.
5 years ago
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.