Closed
Bug 1157847
Opened 10 years ago
Closed 10 years ago
sso.smartsheet.com does not send the necessary intermediate cert
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hwine, Unassigned)
References
()
Details
Attachments
(2 files)
Bad issuer message
With buildid 20150420134330 (38.0b6), new profile, the cert on sso.smartsheet.com is listed as invalid due to issuer cert being unknown.
See attached screenshots.
|
||
Comment 2•10 years ago
|
||
https://www.ssllabs.com/ssltest/analyze.html?d=sso.smartsheet.com :
> sso.smartsheet.com
> 1 Sent by server Fingerprint: ec0e0bd8e16ae1c61da3aade74d240102bc1494b
> RSA 2048 bits (e 65537) / SHA1withRSA
>
> thawte Extended Validation SSL CA
> 2 Extra download Fingerprint: 3dd6c26a33b179e76eed2cd360aa75a5c1b76a56
> RSA 2048 bits (e 65537) / SHA1withRSA
>
> thawte Primary Root CA Self-signed
> 3 In trust store Fingerprint: 91c6d6ee3e8ac86384e548c299295c756c817b81
> RSA 2048 bits (e 65537) / SHA1withRSA
Note the phrase "Extra download" - the server is misconfigured as it should be sending the intermediate cert.
This is the relevant intermediate cert, discovered from the AIA part of the end-entity cert:
> http://crl.thawte.com/ThawteEVCA2006.cer
After downloading and importing this intermediate cert, I can connect to the site fine.
URL: sso.smartsheet.com
Component: General → Desktop
Product: Firefox → Tech Evangelism
Hardware: x86_64 → Unspecified
Summary: FF 38 rejects unexpired thwate certificate as "invalid issuer" → sso.smartsheet.com does not send the necessary intermediate cert
Version: 38 Branch → unspecified
|
|
||
Updated•10 years ago
|
|
Assignee | |
Updated•6 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•