Closed Bug 1583075 Opened 5 years ago Closed 5 years ago

firefox rejects my certificate but Edge, Chrome and Opera accept it https://www.executable-english.com

Categories

(Core :: Security: PSM, defect)

69 Branch
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 1535662

People

(Reporter: adriandwalker, Unassigned)

References

()

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Steps to reproduce:

firefox --> https://www.executable-english.com

Actual results:

connection is not secure

Expected results:

Secure connection, as in Edge, Chrome and Opera

Component: Untriaged → Security: PSM
Product: Firefox → Core

Your server isn't sending the right intermediate certificates. Firefox will handle this situation more gracefully when bug 1535662 lands.

Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE

Hmmm.. If we are not sending the right intermediate certificates, why do Chrome, Edge and Opera work just fine?

Those browsers implement something called "AIA chasing", which means they use a url in the server certificate to fetch the intermediate certificate. The drawback of this approach is that you essentially leak browsing history to the CA. Mozilla prioritizes user privacy, so this isn't implemented in Firefox.

You need to log in before you can comment on or make changes to this bug.