Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

SHA-1 certificate after 1.1.2017. What behaviour we can expect from Mozzila if server/FW is still using SHA-1? Can we simple accept a risk and open a page?

  • 5 replies
  • 5 have this problem
  • 1 view
  • Last reply by philipp

more options

We are concerned what will happen after 1.1.2017. when Mozilla will stop to support certificate SHA-1. Our infrastructure is under the replacement but we still have some devices which will be with SHA-1. What can we expect when users are going to open a page with this certificate. Can we just accept a risk and open page??

We are concerned what will happen after 1.1.2017. when Mozilla will stop to support certificate SHA-1. Our infrastructure is under the replacement but we still have some devices which will be with SHA-1. What can we expect when users are going to open a page with this certificate. Can we just accept a risk and open page??

Chosen solution

users will see this (with an option to override the error after clicking on advance):

Read this answer in context 👍 2

All Replies (5)

more options

hi kecupko, the recent blog post at https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/ should have some answers on that.

more options

I went through that blog and it leads me to this one: https://support.mozilla.org/en-US/kb/connection-untrusted-error-message. Where again is not clearly written that even with SHA-1 you are albe to accept a risk and open a page at the end.

more options

the post says: "In early 2017, Firefox will show an overridable “Untrusted Connection” error..."

more options

I like rather exact answers - so please we can override message "Untrusted connection" and open a page - right? :)

more options

Chosen Solution

users will see this (with an option to override the error after clicking on advance):