Cannot validate the server's EE certificate when the server fails to send the intermediate certificate

RESOLVED DUPLICATE of bug 657228

Status

()

RESOLVED DUPLICATE of bug 657228
7 years ago
3 years ago

People

(Reporter: yuppicide138, Unassigned)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [DUPEME])

(Reporter)

Description

7 years ago
User Agent: Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/6.0
Build ID: 20110811165603

Steps to reproduce:

Loaded firefox, tried to go to this website https://sterling.factoringsystem.com


Actual results:

When I go there it comes up with the message This Connection Is Untrusted. If I click Add Exception it says 

Valid Certificate

This site provides valid, verified identification. There is no need to add an exception.


Expected results:

My web page should have opened. I trust the website. I use it on a daily basis to enter orders. The company provides credit to customers. This works fine in Internet Explorer.
this is a server configuration problem as far as i can see and not a browser bug.
The server doesn't send the complete certificate chain as confirmed by http://www.sslshopper.com/ssl-checker.html#hostname=https://sterling.factoringsystem.com

You may want to read and send that to the page owner
-> https://wiki.mozilla.org/Incomplete_Certificate_Chain

Comment 2

7 years ago
The same with my corporate webmail. In certificate details firefox says that it's for the correct site (webmail.<biggesteuropeancorp>.it, in error details it says that certificate is only valid for *.opendns.com, opendns.com.

Comment 3

7 years ago
This could even be a site config issue (I can't see how... it's ff that tries to apply the certificate to the wrong domain), but it should be possible to add an exception, anyway. You can't say certificate error on one side and certificate valid on the exception form.

Comment 4

7 years ago
Oops. Ignore me, I realized that the domain had dns issues and opendns is nagging firefox.

Updated

7 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 660749
The original problem report was not about adding an exception, but rather the inability of Firefox to be able to validate the EE certificate while IE can. As noted above, the server is misconfigured; it doesn't send the intermediate certificate in its Certificates message. Possible solutions are bug 399324 and bug 657228.

The most likely reason for not being able to add a security exception is being tracked in bug 659736.
Status: RESOLVED → REOPENED
Component: General → Security: PSM
Ever confirmed: true
Product: Firefox → Core
QA Contact: general → psm
Resolution: DUPLICATE → ---
Summary: Firefox says invalid certificate.. → Cannot validate the server's EE certificate when the server fails to send the intermediate certificate
Whiteboard: [DUPEME]
OS: Windows XP → All
Hardware: x86 → All
Version: 6 Branch → Trunk
Duplicate of this bug: 712280
Status: REOPENED → RESOLVED
Last Resolved: 7 years ago3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 657228
You need to log in before you can comment on or make changes to this bug.