Firefox complains on the developer console about our default certs using SHA-1 and references this page:
It's not a security issue as the certificates are unsafe per design, but the complaints might get worse so we should probably consider changing the certificates at some point.
Might also need to update make-dummy-cert.
Edge is explicitly complaining direct to end user with something like:
"You should not trust this website, server is using SHA-1 certificate"
when connecting using Web Access client.
The certificates generated by make-dummy-cert seems to be using SHA-256 though.
Regenerated using the changes from bug 7401. This should hold us over for a while.
Long term we might want to regenerate these as part of the build. Or on install. Or perhaps even ask the admin and generate them with a proper hostname.
This changed exposed a bug in tl-setup. See bug 7410.
Tested in nightly build 6278 on:
* Windows 10 - Chrome 78, Firefox 70, IE 11 and Edge 18
* Android 8 - Chrome 78