Closed Bug 1411792 Opened 8 years ago Closed 7 years ago

https://help.equifax.com is insecure on clean Firefox profile

Categories

(Web Compatibility :: Site Reports, defect, P3)

Product:
Web Compatibility
Component:
Site Reports
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mcomella, Unassigned)

Details

1) Start a fresh Firefox profile 2) Visit https://help.equifax.com Expected: Secure connection Actual: "Your connection is not secure" warning page. On my usual profile, the connection succeeds. My understanding is that they're only using an intermediate CA, "Symantec Class 3 Secure Server CA - G4", and my usual profile has cached it. Here's the openssl check: $ openssl s_client -connect help.equifax.com:443 CONNECTED(00000003) depth=0 /C=US/ST=Georgia/L=Alpharetta/O=Equifax Inc/CN=help.equifax.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=US/ST=Georgia/L=Alpharetta/O=Equifax Inc/CN=help.equifax.com verify error:num=27:certificate not trusted verify return:1 depth=0 /C=US/ST=Georgia/L=Alpharetta/O=Equifax Inc/CN=help.equifax.com verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=US/ST=Georgia/L=Alpharetta/O=Equifax Inc/CN=help.equifax.com i:/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4 --- fwiw, I've been debugging this issue for Firefox Focus on Android in https://github.com/mozilla-mobile/focus-android/issues/1338.
The issue seems to be fixed.
Status: NEW → RESOLVED
Closed: 7 years ago
Priority: -- → P3
Resolution: --- → FIXED
Product: Tech Evangelism → Web Compatibility
You need to log in before you can comment on or make changes to this bug.