prox06.ho2.de does not include a required intermediate certificate in the TLS handshake

RESOLVED INVALID

Status

RESOLVED INVALID
a year ago
a year ago

People

(Reporter: krothi, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

1.71 KB, application/x-x509-ca-cert
Details
(Reporter)

Description

a year ago
Created attachment 8859585 [details]
ica.cer

User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Build ID: 20170323105023

Steps to reproduce:

I have visited a webpage where the public certificate which is signed by certum.pl ica.

Certum.pl is a trusted CA, but there is an intermediate ca missing.

Please send pn for an example web site.


Actual results:

A warning is appearing that a certificate is missing


Expected results:

The public certificate should be trusted, because the certum.pl CA is trusted

Comment 1

a year ago
https://certum.pl/ looks work. Please provide this site and steps to reproduce.
Flags: needinfo?(krothi)
(Reporter)

Comment 2

a year ago
Hi,

the page is

https[colon]//prox06[dod]ho2[dod]de

Kind regards
Flags: needinfo?(krothi)

Comment 3

a year ago
Why do you think this is not the site configuration issue?

https://www.ssllabs.com/ssltest/analyze.html?d=prox06.ho2.de
* This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.   MORE INFO »
* This server's certificate chain is incomplete. Grade capped to B. 


I don't know if we have plans to make an improvement.
Component: Untriaged → Security: PSM
Product: Firefox → Core
Component: Security: PSM → Desktop
Product: Core → Tech Evangelism
Summary: ica certificate of certum.pl is missing → prox06.ho2.de does not include a required intermediate certificate in the TLS handshake
Version: 52 Branch → unspecified
(Reporter)

Comment 4

a year ago
Hi,

right, will close it.

Thx
(Reporter)

Updated

a year ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: a year ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.