Closed
Bug 1151540
Opened 10 years ago
Closed 10 years ago
Unable to update nightly: "unsecure update"
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: matthewrbowker.bugs, Unassigned)
Details
Whenever my installation of Nightly attempts to check for updates, I receive a popup with text "Something is trying to trick Nightly into accepting an unsecure update"
Re-installation of the latest Nightly does not fix this problem.
Reporter | ||
Comment 1•10 years ago
|
||
Whoops, forgot my build ID:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0 ID:20150403030204 CSet: 70a113676b21
Comment 2•10 years ago
|
||
If you change the pref "app.update.log" to true in about:config, restart Firefox, and attempt to update, what errors do you see in the browser console?
Reporter | ||
Comment 3•10 years ago
|
||
I will let you know, Nightly refuses to manually update (It's "already up to date" even though it's three days old) so I have to wait for the next automatic update check.
Reporter | ||
Comment 4•10 years ago
|
||
Expected certificate attribute 'issuerName' value incorrect, expected: 'CN=DigiCert Secure Server CA,O=DigiCert Inc,C=US', got: 'CN=Avast trusted CA,OU=Software Development,O=AVAST,ST=Prague,C=CZ'. self-hosted:211:0
Expected certificate attribute 'issuerName' value incorrect, expected: 'CN=Thawte SSL CA,O="Thawte, Inc.",C=US', got: 'CN=Avast trusted CA,OU=Software Development,O=AVAST,ST=Prague,C=CZ'. self-hosted:211:0
Certificate checks failed. See previous errors for details. CertUtils.jsm:109:0
1428422669602 Toolkit.GMP ERROR GMPInstallManager.onLoadXML could not load xml: [Exception... "Certificate checks failed. See previous errors for details." nsresult: "0x80070057 (NS_ERROR_ILLEGAL_VALUE)" location: "JS frame :: resource://gre/modules/CertUtils.jsm :: validateCert :: line 110" data: no] Log.jsm:749:0
1428422669602 Toolkit.GMP ERROR GMPInstallManager.simpleCheckAndInstall Could not check for addons: {"target":{},"status":200,"message":"[Exception... \"Certificate checks failed. See previous errors for details.\" nsresult: \"0x80070057 (NS_ERROR_ILLEGAL_VALUE)\" location: \"JS frame :: resource://gre/modules/CertUtils.jsm :: validateCert :: line 110\" data: no]"} Log.jsm:749:0
UTM:SVC TimerManager:notify - notified timerID: browser-cleanup-thumbnails
AUS:UI gUpdates:onLoad - setting current page to startpage errorextra
Appears Avast is proxying my browser download through their web filter...
Flags: needinfo?(dkeeler)
Comment 5•10 years ago
|
||
(In reply to Matthew Bowker from comment #4)
> Appears Avast is proxying my browser download through their web filter...
Yep, looks like it. Here are a few options:
* configure avast to not proxy firefox (either temporarily so you can update, or permanently)
* add a pref named "app.update.certs.3.issuerName" (and maybe "media.gmp-manager.certs.3.issuerName") with the value "CN=Avast trusted CA,OU=Software Development,O=AVAST,ST=Prague,C=CZ" using about:config
Flags: needinfo?(dkeeler)
Reporter | ||
Comment 6•10 years ago
|
||
OK, I've solved the problem.
For future information: I added "aus4.mozilla.org" with the protocol "https" to the avast exceptions list. This allows my browser to update normally. Avast comes pre-shipped with "aus3.mozilla.org" as an exception, however; that appears to not be the server for Nightly updates.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•