View Issue Details

IDProjectCategoryView StatusLast Update
0001289Main CAcert Websitecertificate issuingpublic2015-03-10 20:10
Reporterutdrmac Assigned Towytze  
Status closedResolutionfixed 
PlatformMain CAcert WebsiteOSN/AOS Versionstable
Fixed in Version2014 Q4 
Summary0001289: CACert.Org Intermediate Cert Still Signed With MD5

Firefox will not accept the current root certificates because they are still signed with old MD5.

Could not verify this certificate because it was signed using a signature algorithm that was disabled because that algorithm is not secure.

I believe this also affects importing of email/client keys because FF refuses to import mine saying that I don't own the private key it was signed with.
Steps To ReproduceImport root certificates. View Cert status within Firefox cert browser.
TagsNo tags attached.
Reviewed by
Test Instructions



2014-07-18 22:07

reporter   ~0004890

New Firefox Nightly versions (33.0a1+) seems to check to whole chain for MD5 signing and therefore report every CACert signed certificate as untrusted.


2014-07-18 22:13

reporter   ~0004891

I was able to override this in Thunderbird 24.6.0 but not so in latest Firefox; it doesn't have the same secret about:config setting that TBird has. I had to do this in order for my email cert to be accepted. If Thunderbird gets this update soon, none of the email certs will work because you won't be able to override the setting.


2014-08-06 15:13

reporter   ~0004920

I can confirm that this is also in Firefox Nightly 34.0a1, and that the Firefox about:config setting "browser.xul.error_pages.expert_bad_cert" does not allow bypassing it.


2014-09-15 13:36

developer   ~0005008

Last edited: 2014-09-15 13:37

The CAcert Class3 intermediate root certificate is signed with a SHA1 hash, which is fully supported by Firefox.

The CAcert Class1 root certificate is *not* an intermediate certificate. It is signed with a MD5 hash, but since it should be installed as a trusted certificate anyway, this presents no security issue. Yet, some Firefox beta versions contain code which complain about the use of the MD5 algorithm here. This is a Firefox bug and is currently dealt with by Firefox through Bugzilla entry 1058812: "mozilla::pkix rejects trust anchor certificates that are (self-)signed using MD5- or MD2- based signatures".


2014-09-25 22:39

reporter   ~0005032

Certificates signed with SHA-1 will be phased out too: - so, better use SHA-512 to be on the safe side for a few years?


2014-09-26 12:57

developer   ~0005033

@ckujau: Please note that this mozilla notice is talking about certificates issued by a CA, and not about the actual root certificate. All certificates issued by CAcert are signed with a SHA-256, SHA-384 or SHA-512 hash (at the choice of the user) since January 2014, see . Also the current CAcert Class3 intermediate root certificate is signed with a SHA-256 hash since May 2011 (and not SHA-1 as I erroneously mentioned in ).


2014-12-01 15:53

developer   ~0005142

The problem is on the Firefox side (see my earlier notes), but does not occur with any released version of Firefox.

Issue History

Date Modified Username Field Change
2014-07-11 19:03 utdrmac New Issue
2014-07-18 22:07 SWW13 Note Added: 0004890
2014-07-18 22:13 utdrmac Note Added: 0004891
2014-08-06 15:13 npiacentine Note Added: 0004920
2014-09-15 13:36 wytze Note Added: 0005008
2014-09-15 13:37 wytze Note Edited: 0005008
2014-09-25 22:39 ckujau Note Added: 0005032
2014-09-26 12:57 wytze Note Added: 0005033
2014-12-01 15:53 wytze Note Added: 0005142
2014-12-01 15:53 wytze Status new => solved?
2014-12-01 15:53 wytze Fixed in Version => 2014 Q4
2014-12-01 15:53 wytze Resolution open => fixed
2014-12-01 15:53 wytze Assigned To => wytze
2015-03-10 20:10 INOPIAE Status solved? => closed