This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Does Firefox publish a MD5 or SHA1 hash for me to verify my download?

  • 3 replies
  • 66 have this problem
  • 971 views
  • Last reply by dveditz

more options

For security reasons, I wish to be able to verify my Firefox download using either the MD5 or SHA1 hash.

For security reasons, I wish to be able to verify my Firefox download using either the MD5 or SHA1 hash.

Modified by monokle

Chosen solution

All Replies (3)

more options

Chosen Solution

For Firefox 3.6.13 you can access them here - http://releases.mozilla.org/pub/mozilla.org/firefox/releases/3.6.13/

more options

Thank you!!

more options

For Windows installers checking the authenticode signature is much easier for most users. Open the folder containing the installer, right-click, Properties, and look for a "Digital Signatures" tab. There should be one, and it should be a valid signature for the Mozilla Corporation.

For people who know what to do with a SHA1 hash file, downloading it over an insecure connection from the same mirror site as the binary completely misses the point. Instead get it from https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/<version>/SHA1SUMS (or MD5SUMS if you prefer).