Closed Bug 682263 Opened 13 years ago Closed 8 years ago

Cannot validate the server's EE certificate when the server fails to send the intermediate certificate

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 657228

People

(Reporter: yuppicide138, Unassigned)

References

Details

(Whiteboard: [DUPEME]) 

User Agent: Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/6.0
Build ID: 20110811165603

Steps to reproduce:

Loaded firefox, tried to go to this website https://sterling.factoringsystem.com


Actual results:

When I go there it comes up with the message This Connection Is Untrusted. If I click Add Exception it says 

Valid Certificate

This site provides valid, verified identification. There is no need to add an exception.


Expected results:

My web page should have opened. I trust the website. I use it on a daily basis to enter orders. The company provides credit to customers. This works fine in Internet Explorer.
this is a server configuration problem as far as i can see and not a browser bug.
The server doesn't send the complete certificate chain as confirmed by http://www.sslshopper.com/ssl-checker.html#hostname=https://sterling.factoringsystem.com

You may want to read and send that to the page owner
-> https://wiki.mozilla.org/Incomplete_Certificate_Chain
The same with my corporate webmail. In certificate details firefox says that it's for the correct site (webmail.<biggesteuropeancorp>.it, in error details it says that certificate is only valid for *.opendns.com, opendns.com.
This could even be a site config issue (I can't see how... it's ff that tries to apply the certificate to the wrong domain), but it should be possible to add an exception, anyway. You can't say certificate error on one side and certificate valid on the exception form.
Oops. Ignore me, I realized that the domain had dns issues and opendns is nagging firefox.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
The original problem report was not about adding an exception, but rather the inability of Firefox to be able to validate the EE certificate while IE can. As noted above, the server is misconfigured; it doesn't send the intermediate certificate in its Certificates message. Possible solutions are bug 399324 and bug 657228.

The most likely reason for not being able to add a security exception is being tracked in bug 659736.
Status: RESOLVED → REOPENED
Component: General → Security: PSM
Ever confirmed: true
Product: Firefox → Core
QA Contact: general → psm
Resolution: DUPLICATE → ---
Summary: Firefox says invalid certificate.. → Cannot validate the server's EE certificate when the server fails to send the intermediate certificate
Whiteboard: [DUPEME]
OS: Windows XP → All
Hardware: x86 → All
Version: 6 Branch → Trunk
Status: REOPENED → RESOLVED
Closed: 12 years ago8 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.