Closed Bug 536406 Opened 15 years ago Closed 15 years ago

IPSCA SSL Cert not Accepted in Mozilla, Accepted in IE8

Categories

(CA Program :: CA Certificate Root Program, task)

x86
Windows XP
task
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 529286

People

(Reporter: ndr, Assigned: kathleen.a.wilson)

References

()

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 (.NET CLR 3.5.30729) New IPSCA SSL Certificates are not being accepted. However, IE8 accepts them. Are there plans to update this CA soon? Many .edu domains are reporting this as a huge issue because IPSCA offers free certificates. Reproducible: Always Steps to Reproduce: 1. Access https://collab.ctrip.ufl.edu in Mozilla 2. Access https://collab.ctrip.ufl.edu in IE8 3. Compare the result Actual Results: IE8 loads page, accepts certificate. Mozilla does not trust the certificate. Expected Results: Mozilla should trust the certificate.
Not security-sensitive, moving to a more accurate component...
Assignee: nobody → kathleen95014
Group: core-security
Component: General → CA Certificates
Product: Firefox → mozilla.org
QA Contact: general → ca-certificates
Version: unspecified → other
This has nothing to do with the certificate (you might have installed): Firefox can't find the server at collab.ctrip.ufl.edu. ;; Got SERVFAIL reply from xx.xxx.xx.xxx, trying next server ;; Got SERVFAIL reply from xxx.xx.xx.xxx, trying next server ;; connection timed out; no servers could be reached
Perhaps it's a DNS issue. Did you include https:// in the url? It is an SSL only site.
Thank you Eddy. I am following another thread related to IPSCA certs. I think this thread can be closed.
OK - I would nevertheless like to understand the problem you experience because at the moment the certificate should work if it's correctly installed. Do you have an alternative URL?
Is this a duplicate of bug #529286? No, it doesn't state the exact same problem; but it seems this is a consequence of that earlier bug report.
Yes, apparently new certificates are issued from a root which isn't in Mozilla - most likely the one from bug 529286. I believe we can mark this bug as resolved.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Product: mozilla.org → NSS
Product: NSS → CA Program
You need to log in before you can comment on or make changes to this bug.