Versions / Builds Affected
All versionsStatus
ResolvedProblem Summary
Firefox is blocking https sites when https inspection is enabledTT / JIRAID
GFIWM-562How to Identify
Firefox is blocking https sites when https inspection is enabled.
Firefox is reporting the following error:
sec_error_cert_signature_algorithm_disabled
(The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.)
The reason is because the certificates Web Monitor is generating the temporary certificate using a SHA-1 signature and signature hash algorithm vs. SHA-256 or SHA-512. The below Mozilla article is the error highlighted from the Mozilla side where Firefox is blocking anything signed SHA-1.
https://support.mozilla.org/en-US/kb/unable-access-secure-https-sites-firefox-43Workaround / Fix Details
Patch is available via auto-updatesRequired Actions
Make the client update to version 10 and use the auto-updates.
A patch is already available via auto-updates