Closed Bug 522877 Opened 16 years ago Closed 16 years ago

Firefox users get invalid cert following blocklist details link

Categories

(mozilla.org Graveyard :: Server Operations, task, P1)

Product:
mozilla.org Graveyard
Component:
Server Operations
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 505031

People

(Reporter: dveditz, Unassigned)

References

(
URL
)

Details

A number of users are complaining they get an invalid SSL certificate when following the "why was this blocked"/details link in Firefox 3.0. We just pushed a .NET plugin blocklist that about half our users have, so there are quite a number of people now hitting this. The problem is that the old version of the blocklist pref had a locale subdomain, which no longer matches the *.mozilla.com cert on the machine. Example comment http://blog.mozilla.com/security/2009/10/16/net-framework-assistant-blocked-to-disarm-security-vulnerability/#comment-108052 This is because the pref in Firefox 3.0 is "http://%LOCALE%.www.mozilla.com/%LOCALE%/blocklist/", whereas in later versions we dropped the initial locale-host redirect. Firefox 3.0: http://mxr.mozilla.org/mozilla/source/browser/app/profile/firefox.js#84 Firefox 3.5: http://mxr.mozilla.org/mozilla1.9.1/source/browser/app/profile/firefox.js#87 We need to get a *.www.mozilla.com cert up there ASAP
Is bug 522876 a dupe?
Wait, I'm confused... the pref in 3.0 is _not_ SSL, and it correctly redirects to a non-SSL version of the blocklist page. Where are people getting an HTTPS pref with a %LOCALE% sub-domain?
The change from http: to https: happened at exactly the same time we dropped the %LOCALE% subdomain. How are some people having broken links? Is the details link specified in the blocklist itself?
Note that the duped bug was explicitly a 3.5.3 user. The two commenters in the security blog didn't say what version and I just assumed 3.0.x from misreading the source code.
Summary: Firefox 3.0 users get invalid cert following blocklist details link → Firefox users get invalid cert following blocklist details link
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.