diff --git a/firefox-nss-addon-hack.patch b/firefox-nss-addon-hack.patch
new file mode 100644
index 0000000..0322707
--- /dev/null
+++ b/firefox-nss-addon-hack.patch
@@ -0,0 +1,19 @@
+diff -up firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp
+--- firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack      2021-01-11 12:12:02.585514543 +0100
++++ firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp       2021-01-11 12:47:50.345984582 +0100
+@@ -1619,6 +1619,15 @@ SECStatus InitializeNSS(const nsACString
+     return srv;
+   }
+
++  /* Sets the NSS_USE_ALG_IN_ANY_SIGNATURE bit.
++   * does not change NSS_USE_ALG_IN_CERT_SIGNATURE,
++   * so policy will still disable use of sha1 in
++   * certificate related signature processing. */
++  srv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, NSS_USE_ALG_IN_ANY_SIGNATURE, 0);
++  if (srv != SECSuccess) {
++    NS_WARNING("Unable to use SHA1 for Add-ons, expect broken/disabled Add-ons. See https://bugzilla.redhat.com/show_bug.cgi?id=1908018 for details.");
++  }
++
+   if (nssDbConfig == NSSDBConfig::ReadWrite) {
+     UniquePK11SlotInfo slot(PK11_GetInternalKeySlot());
+     if (!slot) {
diff --git a/firefox.spec b/firefox.spec
index 3b8e499..580043d 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -198,7 +198,7 @@
 Summary:        Mozilla Firefox Web browser
 Name:           firefox
 Version:        78.8.0
-Release:        5%{?dist}
+Release:        6%{?dist}
 URL:            https://www.mozilla.org/firefox/
 License:        MPLv1.1 or GPLv2+ or LGPLv2+
 %if 0%{?rhel} == 7
@@ -267,6 +267,7 @@ Patch232:        firefox-rhel6-hugepage.patch
 Patch233:        firefox-rhel6-nss-tls1.3.patch
 Patch234:        rhbz-1821418.patch
 Patch235:        firefox-pipewire-0-3.patch
+Patch236:        firefox-nss-addon-hack.patch
 
 # Upstream patches
 Patch402:        mozilla-1196777.patch
@@ -601,10 +602,12 @@ sed -ie 's|/usr/include|/app/include|' %_sourcedir/firefox-pipewire-0-3.patch
 %if 0%{?rhel} >= 8
   %if 0%{?rhel_minor_version} >= 3
 %patch235 -p1 -b .pipewire-0-3
+
   %else
 %patch231 -p1 -b .pipewire
   %endif
 %endif
+%patch236 -p1 -b .firefox-nss-addon-hack
 
 
 %patch234 -p1 -b .rhbz-1821418
@@ -1591,6 +1594,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 #---------------------------------------------------------------------
 
 %changelog
+* Tue Apr 27 2021 Jan Horak <jhorak@redhat.com> - 78.8.0-6
+- Added patch for SHA-1 support for the addons
+
 * Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 78.8.0-5
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937