Closed Bug 1227777 Opened 9 years ago Closed 7 years ago

https on dcms.taipower.com.tw is misconfigured (ssllabs gives it an F)

Categories

(Web Compatibility :: Site Reports, defect)

Product:
Web Compatibility
Component:
Site Reports
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: jidanni, Unassigned)

References

(
URL
)

Details

(Whiteboard: [needscontact] [https]) 

User Agent: Mozilla/5.0 (X11; Linux i686; rv:44.0) Gecko/20100101 Firefox/44.0 Iceweasel/44.0a2
Build ID: 20151104004053

Steps to reproduce:

Browsed https://dcms.taipower.com.tw/tpcGoogleMap/


Actual results:

Got stuck in your
"Secure Connection Failed

An error occurred during a connection to dcms.taipower.com.tw. Peer's certificate has an invalid signature. (Error code: sec_error_bad_signature) "
dialogs.

WITH NO METHOD TO OVERRIDE,

even if the boss is breathing down our neck and we are late for work, etc.

All the user can do is click Report which might report the site to some international police organization or something, the user thinks, only sending this this little problem with the other bureau's programmer, who might be out to lunch at the moment, instead outside the company to that international police organization, he fears.

OK, I am exaggerating, but that is how it looks like to a hurried user.


Expected results:

Should see the site without any problems, like one can do in chromium: 46.0.2490.71-1 . Not one single blip.
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.0) Gecko/20100101 Firefox/45.0
20151124030553

(In reply to Dan Jacobson from comment #0)
> sec_error_bad_signature

In the latest Nightly, the error I'm getting is sec_error_unknown_issuer. SSL Labs says the certificate is not trusted and the chain is incomplete:
https://www.ssllabs.com/ssltest/analyze.html?d=dcms.taipower.com.tw

> WITH NO METHOD TO OVERRIDE,

Bug 403220.
URL: https://dcms.taipower.com.tw
Component: Untriaged → Security: PSM
Product: Firefox → Core
Well chrome thinks it is fine. What do you think about that? If it is really bad then can you make a chrome bug report please to back up the fact that it is really bad?
Chrome attempts to fetch intermediate certificates that may be missing in the handshake. Firefox does not (for a few reasons: privacy, performance, the fact that the locations of the missing intermediates come from an untrusted source, etc.). That's probably why this works in Chrome and not Firefox. In any case, the site is incorrectly configured. The administrators need to fix it.
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Summary: Secure Connection Failed, no way to see site. Works fine in Chrome → https on dcms.taipower.com.tw is misconfigured (ssllabs gives it an F)
Version: 44 Branch → unspecified
Well nonetheless, one major league browser gets through with not the least murmur, one other major league browser defends the user 100% blocking the site "over my dead body you will not get to this site".

There should be a valid bug against one or the other. I have no opinion which.
Whiteboard: [needscontact] [https]
Site no longer exists, it seems.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
Product: Tech Evangelism → Web Compatibility
You need to log in before you can comment on or make changes to this bug.