BD is suddenly claiming that the update server (I guess) for SeaMonkey (everyone's favourite browser, I assume) has an expired certificate.
Below is the notification
~~~~~
Suspicious connection blocked
43 minutes ago
Feature: Online Threat Prevention
seamonkey.exe attempted to establish a connection relying on an expired certificate to updates.seamonkey-project.org. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk.
[Add to exceptions]
~~~~~
Initially SeaMonkey must have initiated the update check itself.
Later I tried browsing to
https://updates.seamonkey-project.org/
The certificate doesn't seem to be expired, although interestingly it does have a start date of yesterday. Could BD be misinterpreting the start date as an expiry date?
Besides that, there are two other things I found unusual (though I have little experience in this area).
- I have never seen a certificate set up with such a short validity period.
- The general information mentions only "aus2-community.mozilla.org" (for the CN); I have to look in details to find "DNS Name: updates.seamonkey-project.org" (as Certificate Subject Alt Name).
