SHA-1 certificate after 1.1.2017. What behaviour we can expect from Mozzila if server/FW is still using SHA-1? Can we simple accept a risk and open a page?
We are concerned what will happen after 1.1.2017. when Mozilla will stop to support certificate SHA-1. Our infrastructure is under the replacement but we still have some devices which will be with SHA-1. What can we expect when users are going to open a page with this certificate. Can we just accept a risk and open page??
被采纳的解决方案
users will see this (with an option to override the error after clicking on advance):
定位到答案原位置 👍 2所有回复 (5)
hi kecupko, the recent blog post at https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/ should have some answers on that.
I went through that blog and it leads me to this one: https://support.mozilla.org/en-US/kb/connection-untrusted-error-message. Where again is not clearly written that even with SHA-1 you are albe to accept a risk and open a page at the end.
the post says: "In early 2017, Firefox will show an overridable “Untrusted Connection” error..."
I like rather exact answers - so please we can override message "Untrusted connection" and open a page - right? :)
选择的解决方案
users will see this (with an option to override the error after clicking on advance):
