168637 - Sites Verisign SSL certificate is NOT recognized

Status: VERIFIED DUPLICATE of bug 141612

(Core Graveyard :: Security: UI, defect, P3)

Description

[kwanghan TAN]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.1) Gecko/20020826

Mozilla 1.1 does not recognize the Verisgn certificate for this site

The site uses verisign certificate. 
Check the SSL seal @ Versign & Verisign says the certficate is valid. 
MSIE does not give any problem (even after the SSL cert chain patch). 




Reproducible: Always

Steps to Reproduce:
1. goto https://www.m1shop.com.sg/NASApp/merchantbeans/Home


Actual Results:  
Mozilla Popup says CA not recognized


Expected Results:  
Shold not complaint

Click on the Verisign seal on their site (bottom left), verisign says their
certificate is valid

Comment 1

[Matthias Versen [:Matti]]

-> PSM

Comment 2

[John Unruh]

Confirming on trunk. Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2a) 
Gecko/20020913 Netscape/7.0b1+

Comment 3

[John Unruh]

Another untrusted Verisign site:
https://secure1.affinity.com/SSL/lowfat/placeorder.html

Comment 4

[John Unruh]

This also happens with Navigator 4.8. It seems that the CA is simply not in the 
cert DB. IE 6 recognizes the CA. Here is the cert.
OU = www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
OU = VeriSign International Server CA - Class 3
OU = VeriSign, Inc.
O = VeriSign Trust Network

Comment 5

[John Unruh]

This server cert in comment #3 was issued 9/8/02. We should try to get this CA 
into our cert DB.

Comment 6

[Wan-Teh Chang]

I suspect that this is a duplicate of the "misconfigured
SSL web sites" bug (bug 141612).  These SSL web servers
are not sending the intermediate CA cert to the clients.

Comment 7

[John Unruh]

Dupe.

*** This bug has been marked as a duplicate of 141612 ***

Comment 8

[John Unruh]

Verified.