Where to report an issue with certificate distrust in firefox on a server with GUI?
Hello,
I'm running a RHEL 7.4 Server with GUI. Firefox 52.4.0 (64-bit) is included in this version.
While accessing a website with firefox from this machine, the browser blocked the connection and tells me that the connection is not secure because:
The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
Error code: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
I've visited the same site with a Firefox ESR 52.4.1 (32-bit) from a windows machine and I do not get an error here. So I've checked the signature algorithm of the certificate in question and it is:
Signature Algorithm: sha256WithRSAEncryption
IMHO this should be considered as secure. But now the following questions are going around in my head:
- Is it a bug or a feature?
- Is there anything fishy with the certificate?
- If it seems to be a bug, where should I report it?
My machine has a development subscription. So I cannot open a support ticket. Should I report this issue in the Red Hat Bugzilla or in the bugtracker of Mozilla?
I'm happy if someone could provide some advise here.
Best regards,
Joerg
Responses
Guru
6222 points
Hello Joerg,
Have you tried to open a support case? A developer subscription should come with one year standard support.
Regards,
Jan Gerrit Kootstra
Expert
1223 points
Well, from the output of subscription-manager list --consumed I extracted:
Subscription Name: Red Hat Enterprise Linux Developer Suite
Service Level: Self-Support
Service Type: L1-L3
Subscription Type: Standard
But I thought the developer suite comes with self-support only by default.
I've opened a support case anyway. Because I have still some standard subscriptions available in my account. So I could attach an additional subscription if I have to.
Regards, Joerg
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.