Closed Bug 1364740 Opened 8 years ago Closed 8 years ago

Firefox refuses to download Firefox because SHA1-certificate on download-sha1.allizom.org

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
52 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1356463

People

(Reporter: hartnegg, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0 Build ID: 20170323105023 Steps to reproduce: Visit https://www.mozilla.org/de/firefox/all/#de Click on https://download-sha1.allizom.org/?product=firefox-53.0.2-SSL&os=win&lang=de Actual results: Firefox 52.0.2 refuses to download Firefox 53.0.2 becauses the owner of download-sha1.allizom.org misconfigured the web page. The certificate is signed with a disabled algorithm (SHA-1). SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED Expected results: Download
The clicked link actually was https://download.mozilla.org/?product=firefox-53.0.2-SSL&os=win&lang=de That forwarded to https://download-sha1.allizom.org/?product=firefox-53.0.2-SSL&os=win&lang=de It does not happen anymore after using Bugzilla. But it does happen again after I reset the snapshot of the virtual machine. So I always must first visit Bugzilla before I can download a new Firefox version.
It's not caching, it's not incomplete certificate chain, it's Javascript. The page https://www.mozilla.org/de/firefox/all/#de links to download-sha1 if Javascript is disabled. Next such nonse I stumble on will cause me to modify my web pages such that they refuse to work if Javascript is on.
Meant "nonsense" of course. Can't type well when angry.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.