[Bug] Secure connection failed on a secure website (salutelazio.it)
Categories
(GeckoView :: General, defect)
Tracking
(Not tracked)
People
(Reporter: mcarare, Unassigned)
References
Details
From github: https://github.com/mozilla-mobile/fenix/issues/20206.
Steps to reproduce
- Visit the official website of the Italian Lazio Regional Health System: https://www.salutelazio.it
Expected behavior
Firefox for Android should show that the connection is secure, as it is shown on Google Chrome (both mobile and desktop), Firefox for Desktop and some Firefox for Android revisions.
Actual behavior
A "Secure Connection Failed" page is showed.
Device information
Device vendor / model and Android version: Samsung Galaxy A20s (ARM64, Android 10 (beta and nightly), Samsung Galaxy J2 Prime (ARMV7, Android 6.1.1 (stable)
Firefox for Android version:
Nightly 2021-06-29T17:37:50.207
91.0a1 (Build #2015819211)
AC: 91.0.20210629143047, 8904b55efe
GV: 91.0a1-20210629092640
AS: 79.0.0Beta 90.0.0-beta.6 (Build #2015818371)
AC: 90.0.11, 536cb9fe13
GV: 90.0-20210624190035
AS: 77.0.2Stable 89.1.1 (Build #2015812945)
AC: 75.0.22, 5204f4025
GV: 89.0-20210527174632
AS: 74.0.1Note
Desktop browsers are not affected
Big thanks to @quaqo for discovering this issue!
Change performed by the Move to Bugzilla add-on.
Reporter | ||
Comment 1•3 years ago
|
||
User reports that ESR 78.11.0 is also affected: https://github.com/mozilla-mobile/focus-android/issues/4954#issuecomment-871478727.
Comment 2•3 years ago
|
||
Server needs to install the intermediate cert listed as #2.
1 Sent by server www.salutelazio.it
Fingerprint SHA256: 8fee1055c903a8a1641a2045d49b11e094cb4745d96f24b398faa387a11625a2
Pin SHA256: ZXVMOHymvhR2cdE5P738VfuD+9qQyqifMUvECossmqI=
RSA 2048 bits (e 65537) / SHA256withRSA
2 Extra download GlobalSign RSA OV SSL CA 2018
Fingerprint SHA256: b676ffa3179e8812093a1b5eafee876ae7a6aaf231078dad1bfb21cd2893764a
Pin SHA256: hETpgVvaLC0bvcGG3t0cuqiHvr4XyP2MTwCiqhgRWwU=
RSA 2048 bits (e 65537) / SHA256withRSA
3 In trust store GlobalSign Self-signed
Fingerprint SHA256: cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
Pin SHA256: cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A=
RSA 2048 bits (e 65537) / SHA256withRSA
Preloading the intermediates as described in bug 1520297 would also resolve this.
Updated•7 months ago
|
Description
•