Unstable versions of Firefox won't load some of Feedbin's content because of SHA1 cert

[MikhailTNY]

In Firefox Developer and Firefox Nightly builds, there are missing icons on the Feedbin's site like this:

This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] application-da65c821b9d8759913d342b0de7f34c5.js
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] application-4b268b2f079126bcd1e1c212c97be9b6.css
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] favicon-feed-blue-ccf3d3368c968fec0ea6d2bbe18cfa3a.svg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] embeds.js
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] favicon-search-light-66dd89f8784487d9d02531b0e117d4ea.svg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] logo-40dfff51944922c496b2f7148cb42459.svg

I'm not sure if this is a bug in Firefox or the site. I did test and SSLab says there are some SHA1 signatures.

[psychotropek]

I am using Firefox 39.0, which should be stable. I am experiencing the same missing icons. I can't find any SHA1 signatures, though.

[juev]

Version FF 40.0.2, there is the same problem. In the console, there are listed messages:

This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] embeds.js
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] application-960d8ba6eabbbca68eff70f0cb633447877403c4d693e4eca2c4e9b6b1ca5b33.css
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] application-c3b565b5f83a84ad66e82ae89f796c75360387d2090a0f2271faa1d8a8ce733a.js
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] logo-90a6156b29d8c568fafc8938fc6c45e837a214784c733b7d85f2d0d192b372b3.svg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] favicon-feed-blue-83b0bf260391de80f3e43009e20050711e177827131b193d0e0ad6a99a1af6a0.svg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] favicon-search-light-ccdaa06e4a9effa94072d27ee7dc48b239aca8f60acf1abe08b87624db10ade1.svg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] icon-star-d2e2e5d4a57403e0264c70922d0734ffe429efbfc341aed68a94f5cbebe53817.svg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] C3C31B90E9E35910

[benubois]

I think the SHA-1 certificate for the CDN and the icon issue are separate.

The Firefox icon issue seems to go away if you visit https://feedbin.com directly, rather than being redirected from http://feedbin.com.

I'm thinking CloudFront will probably update their certificate before the 2017 cutoff.