#24138: Older version of Tor Browser not updating --------------------------------------+----------------------------------- Reporter: lizzard | Owner: tbb-team Type: defect | Status: needs_information Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------------------+-----------------------------------
Comment (by mcs): It may be difficult to fix this now. Opening Tor Browser 4.5.3, using about:config to set `app.update.log = true`, and opening the Browser Console reveals that the update URL used is: https://www.torproject.org/dist/torbrowser/update_2/release/Darwin_x86_64-gcc3/4.5.3 /en-US?force=1 An update check results in this error: Expected certificate attribute 'issuerName' value incorrect, expected: 'CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US', got: 'CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US'. This happens because 4.5.3 includes some built-in checks to ensure that the browser is talking to the correct update server, but unfortunately we have switched from a DigiCert issued certificate to one from Let's Encrypt. I am not sure how to avoid this problem without running a server that uses a certificate from the older CA... forever. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24138#comment:4> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs