←back to thread

All extensions disabled due to expiration of intermediate signing cert

(bugzilla.mozilla.org)
1318 points xvector | 5 comments | 04 May 19 01:31 UTC | HN request time: 1.135s | source
1. 333c ◴[04 May 19 02:30 UTC] No.19823967[source]
Can someone explain exactly what went wrong? I don't think I quite understand, but 7/9 of my extensions have been disabled.
replies(2): >>19823973 #>>19824179 #
2. ◴[04 May 19 02:31 UTC] No.19823973[source]
3. lvh ◴[04 May 19 03:15 UTC] No.19824179[source]
Firefox requires extensions installed via their "store" be signed with a certificate to make sure they're actually from there. That certificate has an expiry date. It expired, so now all of its signatures are invalid -- and Firefox no longer trusts the associated extensions.
replies(1): >>19827393 #
4. sfink ◴[04 May 19 16:23 UTC] No.19827393[source]
A minor added detail is that it wasn't the leaf certificate that expired. I've heard that that would have been handled properly. It was an intermediate cert, and I guess that possibly wasn't fully taken into account? (This is 3rd hand knowledge and speculation, note.)
replies(1): >>19827464 #
5. lvh ◴[04 May 19 16:32 UTC] No.19827464{3}[source]
That is accurate :)