Certificate Viewer: Certificate with unknown intermediate issuer cannot be verified

VERIFIED DUPLICATE of bug 93103

Status

Core Graveyard
Security: UI
VERIFIED DUPLICATE of bug 93103
17 years ago
a year ago

People

(Reporter: Malcolm Rowe, Assigned: Stephane Saux)

Tracking

1.0 Branch
psm2.1
x86
Windows 2000

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

17 years ago
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.3) Gecko/20010801
BuildID:    2001080110

The URL provided is the https login page to HSBC internet banking.  The server
certificate is signed by an intermediate certificate that we do not know, which
in turn is signed by a VeriSign certificate that we do know.

Reproducible: Always
Steps to Reproduce:
1. Visit the above URL
2. Click Page Info.  Note that the text reads 'The identity of this web site has
been verified by (Unknown Issuer), a certificate authority you trust for this
purpose.'
3. Click the View button.  Certificate viewer pops up and the text at the top
reads 'Could not verify this certificate because the issuer is unknown'.

Expected Results:
The intermediate issuer is unknown, but the root issuer (VeriSign Class 3 Public
Primary Certification Authority) is known.  If the browser cannot follow the
certification path to the root, the certificate should not be trusted, and the
text is Page Info is incorrect (I would also expect to be warned).  If the
browser can follow the certification path to the root, the certificate is
trusted and the message in Certificate viewer is incorrect (or at best confusing).

Notes:
This may be a duplicate of bug 93103 (Missing intermediate CA certs limit PSM UI
capabilities), but I wasn't sure.  My build predates the patch in that bug.

There may also be a relation with bug 83530 (Certificate Viewing shows Unknown
Issuer).
(Assignee)

Comment 1

17 years ago

*** This bug has been marked as a duplicate of 93103 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → DUPLICATE
(Assignee)

Comment 2

17 years ago
Assigning target of 2.1 to all bugs fixed in the 2.1 target timeframe whose
target was not 2.1
Target Milestone: --- → 2.1

Updated

17 years ago
Status: RESOLVED → VERIFIED

Comment 3

17 years ago
Verified dupe.

Updated

13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

10 years ago
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.