Closed
Bug 1248039
Opened 8 years ago
Closed 8 years ago
some www.skype.com IPs don't include the appropriate intermediate certificate (and others include the anchor)
Categories
(Web Compatibility :: Site Reports, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hsivonen, Unassigned)
References
()
Details
Attachments
(1 file)
|
2.78 KB,
application/octet-stream
|
Details |
Steps to reproduce: 1) Navigate to https://www.skype.com in Firefox 44 on Windows 10. Actual results: sec_error_unknown_issuer and the certificate viewer shows only the leaf in the chain. Expected results: Successful connection. Additional info: Edge and Chrome connect OK. Nightly on Ubuntu 15.10 x86_64 connects OK and shows the certificate chain. Exporting the leaf from Firefox 44 on Windows 10 and Nightly on Ubuntu 15.10 result in identical files. https://www.ssllabs.com/ssltest/analyze.html?d=skype.com&s=65.55.157.237 says that the server sends the leaf, an intermediate and even the root cert, so it's not a matter of a missing intermediate being cached or not. (I checked that the SHA-1 fingerprint matches on ssllabs and in Firefox.)
|
Reporter | |
Updated•8 years ago
|
Version: 45 Branch → 44 Branch
|
|
Reporter | |
Comment 1•8 years ago
|
||
Oh, and I saw this on two distinct Windows 10 boxes.
|
||
Comment 2•8 years ago
|
||
Have you installed firefox after you have installed any antivirus that does so called "internet security" ?
(In reply to Henri Sivonen (:hsivonen) from comment #0) > https://www.ssllabs.com/ssltest/analyze.html?d=skype.com&s=65.55.157.237 > says that the server sends the leaf, an intermediate and even the root cert, These three don't, though: https://www.ssllabs.com/ssltest/analyze.html?d=skype.com&s=157.56.198.10 https://www.ssllabs.com/ssltest/analyze.html?d=skype.com&s=157.56.114.105 https://www.ssllabs.com/ssltest/analyze.html?d=skype.com&s=111.221.123.232
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Summary: sec_error_unknown_issuer for www.skype.com → some www.skype.com IPs don't include the appropriate intermediate certificate (and others include the anchor)
Version: 44 Branch → unspecified
|
|
Reporter | |
Comment 4•8 years ago
|
||
(In reply to Honza Bambas (:mayhemer) from comment #2) > Have you installed firefox after you have installed any antivirus that does > so called "internet security" ? No, the only anti-virus that's ever been on either of these Windows 10 installations is the built-in one.
|
|
Reporter | |
Comment 5•8 years ago
|
||
Trying Twitter: https://twitter.com/hsivonen/status/699222046346190848
|
|
||
Comment 6•8 years ago
|
||
According to https://www.ssllabs.com/ssltest/analyze.html?d=skype.com it seems that everything has been fixed. Thanks Henri
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
|
Assignee | |
Updated•5 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•