Mozilla has
run into a hitch with its plans to deprecate SHA-1 certificates.
"However, for Firefox users who are behind certain
'man-in-the-middle' devices (including some security scanners and antivirus
products), this change removed their ability to access HTTPS web sites.
When a user tries to connect to an HTTPS site, the man-in-the-middle device
sends Firefox a new SHA-1 certificate instead of the server’s real
certificate. Since Firefox rejects new SHA-1 certificates, it can’t
connect to the server." An update backing out the SHA-1 deprecation
has been posted, but affected users will have to install it manually
(assuming they don't use a distribution-supported version, of course).
↧
