Closed
Bug 1128368
Opened 10 years ago
Closed 10 years ago
Revoked cert on services.addons.mozilla.org breaks about:addons
Categories
(Cloud Services :: Operations: Marketplace, task)
Cloud Services
Operations: Marketplace
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: laura, Assigned: jason)
References
Details
Attachments
(2 files)
cert1.png
I saw a report on twitter about a revoked cert on SAMO:
https://twitter.com/lusis/status/562064553081847809
and could reproduce the problem, as could ashish. clouserw can't repro: he sees the cert expiring in 2016.
|
||
Comment 1•10 years ago
|
||
https://www.ssllabs.com/ssltest/analyze.html?d=services.addons.mozilla.org reports "Revocation status Revoked INSECURE"
|
||
Comment 2•10 years ago
|
||
Thanks for filing, Laura. I was talking about expiration but it looks like that tweet is actually about revocation which would be something else. I can't reproduce this, but will attach a screenshot of the cert I'm seeing.
For me, I load https://services.addons.mozilla.org/en-US/firefox/discovery/pane/8.0.1/Darwin and I see the attached cert.
|
|
||
Updated•10 years ago
|
Summary: Reports of revoked cert on services.addons.mozilla.org → Revoked cert on services.addons.mozilla.org breaks about:addons
|
||
Comment 5•10 years ago
|
||
(In reply to Ashish Vijayaram [:ashish] from comment #1)
> https://www.ssllabs.com/ssltest/analyze.html?d=services.addons.mozilla.org
> reports "Revocation status Revoked INSECURE"
This also affects versioncheck-bg.addons.mozilla.org, versioncheck.addons.mozilla.org which are used for automatic/manual addons update in Firefox.
User-facing version of the error
|
||
Comment 9•10 years ago
|
||
Until this is resolved, a quick fix is to turn off the OCSP protocol validation.
>You can bypass this by going to Pref->Advanced->Certificates and turn off the OCSP protocol validation.
As outlined on the Linux Mint Forum. http://forums.linuxmint.com/viewtopic.php?t=188768&p=977518#p977518
I can both confirm this bug, on Windows 7, and confirm that the work-around works.
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → jthomas
|
|
Assignee | |
Comment 10•10 years ago
|
||
Thanks for the report!
Our Geotrust/Symantec issued certificate was revoked earlier today. I verified via the CRL provided at http://SVRSecure-G3-crl.verisign.com/SVRSecureG3.crl
Serial Number: 5D0596A315ACB95B79C31BD4DFC7046B
Revocation Date: Feb 2 01:10:00 2015 GMT
After contacting support they had stated that our SSL product expired and was then revoked.
I've installed a new certificate on services.addons.mozilla.org and versioncheck.addons.mozilla.org. Let me know if you continue to have issues.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
|
||
Comment 11•10 years ago
|
||
Looks like it is fixed.
|
||
Updated•10 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•