Closed
Bug 1350851
Opened 7 years ago
Closed 7 years ago
calendar.yahoo.com doesn't send the right intermediate certificates
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(firefox52 unaffected, firefox-esr52 verified, firefox53 unaffected, firefox54 unaffected, firefox55 unaffected)
VERIFIED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox52 | --- | unaffected |
| firefox-esr52 | --- | verified |
| firefox53 | --- | unaffected |
| firefox54 | --- | unaffected |
| firefox55 | --- | unaffected |
People
(Reporter: emilghitta, Unassigned)
References
()
Details
(Keywords: regressionwindow-wanted, Whiteboard: [cert] [server] [sitewait])
Attachments
(1 file)
|
2.43 MB,
image/gif
|
Details |
Insecured Connection.gif
[Affected versions]: Firefox 52.0.1esr (Build Id:20170316213902) Firefox 52.0.2esr (Build Id:20170323110425) Firefox 45.8.0esr (Build Id:20170301181722) [Affected platforms]: Mac OS X 10.12. Ubuntu 16.04 64bi. Windows 10 64 bit. Windwos 7 64 bit. [Steps to reproduce]: 1. Launch Firefox with a clean profile. 2. Access the https://calendar.yahoo.com/ weblink. 3. Observe that the “Insecure Connection” warning is displayed. [Expected result]: The Connection is secured and the webpage is successfully loaded. [Actual result]: The “Insecure Connection” warning is displayed with the following error code: SEC_ERROR_UNKNOWN_ISSUER https://calendar.yahoo.com/ Peer’s Certificate issuer is not recognized. HTTP Strict Transport Security: false HTTP Public Key Pinning: false [Regression range]: I will return with a regression range as soon as possible. [Additional notes]: This issue is reproducible only on esr builds. Please observe the attached video for more information. Please note that you must use a clean profile in order to reproduce this issue.
|
||
Comment 1•7 years ago
|
||
Looks like a misconfiguration on the server side, I'm seeing a cert signed by digicert, but the server is sending (sha1) verisign intermediates.
Misconfigured server -> tech evangelism.
Component: Security → Desktop
Product: Core → Tech Evangelism
Summary: Insecure Connection warning is displayed when accessing Yahoo Calendar → calendar.yahoo.com doesn't send the right intermediate certificates
|
||
Comment 3•7 years ago
|
||
| contact email | ||
Contacted Jenny at Yahoo!
Whiteboard: [cert] [server] [sitewait]
|
|
||
Comment 4•7 years ago
|
||
seems fixed now: Certificate chain 0 s:/C=US/ST=CA/L=Sunnyvale/O=Yahoo! Inc./CN=*.calendar.yahoo.com i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox-esr45:
affected → ---
status-firefox-esr52:
affected → ---
Resolution: --- → FIXED
|
Reporter | |
Comment 5•7 years ago
|
||
This is verified fixed on 52.4.1esr (BuildId:20171005074949) using Windows 10 64bit, macOS 10.11.6 and Ubuntu 16.04 64bit. The right certificates are sent.
Status: RESOLVED → VERIFIED
status-firefox-esr52:
--- → verified
|
Assignee | |
Updated•5 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•