Cerca nel supporto

Attenzione alle mail truffa. Mozilla non chiederà mai di chiamare o mandare messaggi a un numero di telefono o di inviare dati personali. Segnalare qualsiasi attività sospetta utilizzando l'opzione “Segnala abuso”.

Learn More

Questa discussione è archiviata. Inserire una nuova richiesta se occorre aiuto.

SHA-1 certificate after 1.1.2017. What behaviour we can expect from Mozzila if server/FW is still using SHA-1? Can we simple accept a risk and open a page?

  • 5 risposte
  • 5 hanno questo problema
  • 152 visualizzazioni
  • Ultima risposta di philipp

more options

We are concerned what will happen after 1.1.2017. when Mozilla will stop to support certificate SHA-1. Our infrastructure is under the replacement but we still have some devices which will be with SHA-1. What can we expect when users are going to open a page with this certificate. Can we just accept a risk and open page??

Soluzione scelta

users will see this (with an option to override the error after clicking on advance):

Leggere questa risposta nel contesto 👍 2

Tutte le risposte (5)

more options

hi kecupko, the recent blog post at https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/ should have some answers on that.

more options

I went through that blog and it leads me to this one: https://support.mozilla.org/en-US/kb/connection-untrusted-error-message. Where again is not clearly written that even with SHA-1 you are albe to accept a risk and open a page at the end.

more options

the post says: "In early 2017, Firefox will show an overridable “Untrusted Connection” error..."

more options

I like rather exact answers - so please we can override message "Untrusted connection" and open a page - right? :)

more options

Soluzione scelta

users will see this (with an option to override the error after clicking on advance):