I tried to register on bugzilla to report a bug, and got:
“You submitted changes to createaccount.cgi with an invalid token, which may indicate that someone tried to abuse you, for instance by making you click on a URL which redirected you here without your consent.
Are you sure you want to commit these changes?”
I don’t think there’s any problem on my side.
By the way, also, the browser warns about the SSL connection using a weak, untrusted cipher.
Sounds like you're behind a proxy, I've had similar problems with SSL
behind our corporate proxy before.
Can you turn it off temporarily to see if that helps?
It should be ok to ignore this, unless you're submitting private
details to Bugzilla, which you really should not.
But that does raise the question: couldn't we use Let's Encrypt's certificates?
Seems like a no brainer for all our websites.
Cipher choice has no relation to the CA used. It is more likely that for
whatever reason, only a list of very weak ciphers is provided. In my
case, TLS 1.2 with AES in CBC mode is used, which is a decent choice.
Still, using the LE framework should be good enough for most purposes,
and we can create one for each tool, with no additional cost, right?