Closed Bug 1016420 Opened 9 years ago Closed 9 years ago

Troubles testing new Certificate Verification library (mozilla::pkix) Camerfirma EV Certificates

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Version:
32 Branch
Platform:
x86_64
Windows 8.1
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: ramirom, Unassigned)

References

Details

Attachments

(1 file)

screenshots with pkix on and off
145.92 KB, application/x-rar
Details 
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36

Steps to reproduce:

I've tried our EV Certificates (e.g. https://plat.nestwork.eu or https://plusvalias.mazarron.es/ ) using the new certificate verification library (mozilla::pkix). (security.use_mozillapkix_verification true)


Actual results:

Firefox shows them as OV Certificates (without the green bar)


Expected results:

Firefox must show them as EV certificates (with the green bar)
Bug #991815 is probably the reason these sites are not getting EV treatment with mozilla::pkix.

Ramiro, it looks like https://plat.nestwork.eu does not send out the intermediate certificate with the SSL cert. It results in the Untrusted Connection error until after I've browsed to the other site. Then it works. Please get the server updated with the intermediate cert.
Depends on: 991815
Hi Kathleen,

We've modified our OCSP responder. Now we obtain the right behaviour using our EV certificates with PKIX.

Thank you for your help.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.