Closed
Bug 1138493
Opened 10 years ago
Closed 10 years ago
https://mujucet.pre.cz/ fails with untrusted connection due to not sending the appropriate intermediate cert
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: mayhemer, Unassigned)
Details
STR:
- Desktop Nightly (checked forward with up to Release)
- fresh profile
- go to https://mujucet.pre.cz/
=> untrusted connection
Interestingly, this works for me with my long standing profile I daily use (Nightly), where this cert (checked by sernum) is installed in the SW token.
I can see a lot of other CAs installed under SW token as well in my daily profile, tho I never installed them manually. This profile of mine is OLD (years).
|
||
Comment 1•10 years ago
|
||
Honza - looks like the server isn't sending the intermediate: https://www.ssllabs.com/ssltest/analyze.html?d=mujucet.pre.cz so I think this is actually expected (if the intermediate is cached from a previous handshake, then it works, which looks like what you're seeing)
|
|
Reporter | |
Comment 2•10 years ago
|
||
Could be, but I don't remember I would ever have to accept an exception for this site.
Should this be turned to an evangelism bug?
|
|
||
Comment 3•10 years ago
|
||
(In reply to Honza Bambas (:mayhemer) from comment #2)
> Should this be turned to an evangelism bug?
Probably, yes. I don't think there's much we can do on our end.
|
|
Reporter | |
Updated•10 years ago
|
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
|
|
||
Comment 4•10 years ago
|
||
Looks fixed.
https://www.ssllabs.com/ssltest/analyze.html?d=mujucet.pre.cz :
> mujucet.pre.cz
> 1 Sent by server Fingerprint: 2dfd00f90bd71e84df982879a8c414d901e986e2
> RSA 2048 bits (e 65537) / SHA256withRSA
>
> thawte EV SSL CA - G3
> 2 Sent by server Fingerprint: 68060ca074ff36c7e81b0b338d7e8376790ed020
> RSA 2048 bits (e 65537) / SHA256withRSA
>
> thawte Primary Root CA Self-signed
> 3 In trust store Fingerprint: 91c6d6ee3e8ac86384e548c299295c756c817b81
> RSA 2048 bits (e 65537) / SHA1withRSA
> Weak or insecure signature, but no impact on root certificate
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Summary: https://mujucet.pre.cz/ fails with untrusted connection since "thawte Extended Validation SSL CA" is not found → https://mujucet.pre.cz/ fails with untrusted connection due to not sending the appropriate intermediate cert
|
|
Reporter | |
Updated•10 years ago
|
Status: RESOLVED → VERIFIED
|
Assignee | |
Updated•6 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•