Closed Bug 1415695 Opened 7 years ago Closed 7 years ago

[SUMO User Issue] Akamai CDN and OCSP Stapling causing users to go to an Insecure connection Page

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.33
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1368868

People

(Reporter: guigs, Unassigned)

Details

Description: There is a problem with a lot of Akamai CDN sites. When you check the DNS records for the sites, there is a CNAME pointing it to an Akamai server. For example: https://support.mozilla.org/en-US/forums/support-forum-contributors/712687?last=72626 Examples copied from Escalated Community thread: i.ebayimg.com => e5842.g.akamaiedge.net www.cbssports.com => e5952.b.akamaiedge.net tools.usps.com => e7154.dscb.akamaiedge.net www.amazon.de => e15317.ci.akamaiedge.net www.ask.com => e12353.b.akamaiedge.net radar.weather.gov => e278.dscg.akamaiedge.net www.allstate.com => e10996.x.akamaiedge.net A temporary workaround is to disable OCSP stapling. Visibility ~27 in the last 3 weeks, it is still happening. and could potentially be a higher visibility issue. Recent threads: https://support.mozilla.org/search/advanced?q=ocsp&created=2&created_date=10%2F13%2F2017&sortby=1&a=1&w=2 Expected: to go to the site without an insecure connection or to not single out these sites for ocsp stapling being enabled from the update.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.