Last Comment Bug 522877 - Firefox users get invalid cert following blocklist details link
: Firefox users get invalid cert following blocklist details link
Status: RESOLVED DUPLICATE of bug 505031
Product: Graveyard
Classification: Graveyard
Component: Server Operations (show other bugs)
: other
: All All
: P1 blocker (vote)
: ---
Assigned To: server-ops
: matthew zeier [:mrz]
: 522876 522958 (view as bug list)
Depends on:
  Show dependency treegraph
Reported: 2009-10-17 08:27 PDT by Daniel Veditz [:dveditz]
Modified: 2015-03-12 08:17 PDT (History)
13 users (show)
See Also:
QA Whiteboard:
Iteration: ---
Points: ---


Description Daniel Veditz [:dveditz] 2009-10-17 08:27:12 PDT
A number of users are complaining they get an invalid SSL certificate when following the "why was this blocked"/details link in Firefox 3.0.

We just pushed a .NET plugin blocklist that about half our users have, so there are quite a number of people now hitting this. The problem is that the old version of the blocklist pref had a locale subdomain, which no longer matches the * cert on the machine.

Example comment

This is because the pref in Firefox 3.0 is "", whereas in later versions we dropped the initial locale-host redirect.

Firefox 3.0:

Firefox 3.5:

We need to get a * cert up there ASAP
Comment 1 Tanner Filip [:tanner] 2009-10-17 08:31:19 PDT
Is bug 522876 a dupe?
Comment 2 Daniel Veditz [:dveditz] 2009-10-17 08:38:25 PDT
Wait, I'm confused... the pref in 3.0 is _not_ SSL, and it correctly redirects to a non-SSL version of the blocklist page.

Where are people getting an HTTPS pref with a %LOCALE% sub-domain?
Comment 3 Daniel Veditz [:dveditz] 2009-10-17 08:40:03 PDT
*** Bug 522876 has been marked as a duplicate of this bug. ***
Comment 4 Daniel Veditz [:dveditz] 2009-10-17 08:43:39 PDT
The change from http: to https: happened at exactly the same time we dropped the %LOCALE% subdomain. How are some people having broken links? Is the details link specified in the blocklist itself?
Comment 5 Daniel Veditz [:dveditz] 2009-10-17 08:45:15 PDT
Note that the duped bug was explicitly a 3.5.3 user. The two commenters in the security blog didn't say what version and I just assumed 3.0.x from misreading the source code.
Comment 6 Daniel Veditz [:dveditz] 2009-10-17 08:46:23 PDT
> happened at exactly the same time...

Bug 468526
Comment 7 Dave Townsend [:mossop] 2009-10-17 08:48:31 PDT

*** This bug has been marked as a duplicate of bug 505031 ***
Comment 8 Daniel Veditz [:dveditz] 2009-10-17 08:56:20 PDT
*** Bug 522857 has been marked as a duplicate of this bug. ***
Comment 9 Tanner Filip [:tanner] 2009-10-18 09:50:01 PDT
*** Bug 522958 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.