Closed
Bug 1138493
Opened 9 years ago
Closed 9 years ago
https://mujucet.pre.cz/ fails with untrusted connection due to not sending the appropriate intermediate cert
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: mayhemer, Unassigned)
Details
STR: - Desktop Nightly (checked forward with up to Release) - fresh profile - go to https://mujucet.pre.cz/ => untrusted connection Interestingly, this works for me with my long standing profile I daily use (Nightly), where this cert (checked by sernum) is installed in the SW token. I can see a lot of other CAs installed under SW token as well in my daily profile, tho I never installed them manually. This profile of mine is OLD (years).
Honza - looks like the server isn't sending the intermediate: https://www.ssllabs.com/ssltest/analyze.html?d=mujucet.pre.cz so I think this is actually expected (if the intermediate is cached from a previous handshake, then it works, which looks like what you're seeing)
|
Reporter | |
Comment 2•9 years ago
|
||
Could be, but I don't remember I would ever have to accept an exception for this site. Should this be turned to an evangelism bug?
(In reply to Honza Bambas (:mayhemer) from comment #2) > Should this be turned to an evangelism bug? Probably, yes. I don't think there's much we can do on our end.
|
|
Reporter | |
Updated•9 years ago
|
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
|
|
||
Comment 4•9 years ago
|
||
Looks fixed. https://www.ssllabs.com/ssltest/analyze.html?d=mujucet.pre.cz : > mujucet.pre.cz > 1 Sent by server Fingerprint: 2dfd00f90bd71e84df982879a8c414d901e986e2 > RSA 2048 bits (e 65537) / SHA256withRSA > > thawte EV SSL CA - G3 > 2 Sent by server Fingerprint: 68060ca074ff36c7e81b0b338d7e8376790ed020 > RSA 2048 bits (e 65537) / SHA256withRSA > > thawte Primary Root CA Self-signed > 3 In trust store Fingerprint: 91c6d6ee3e8ac86384e548c299295c756c817b81 > RSA 2048 bits (e 65537) / SHA1withRSA > Weak or insecure signature, but no impact on root certificate
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Summary: https://mujucet.pre.cz/ fails with untrusted connection since "thawte Extended Validation SSL CA" is not found → https://mujucet.pre.cz/ fails with untrusted connection due to not sending the appropriate intermediate cert
|
|
Reporter | |
Updated•9 years ago
|
Status: RESOLVED → VERIFIED
|
Assignee | |
Updated•5 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•