Certificates trusted by Mozilla fail the check #16
Comments
|
See if |
|
Nope, |
|
To make a clarification, I visit the aforementioned websites with Firefox and there is no error but the script reports an error in the certificate and that it's not trusted by Firefox. |
|
Update: Two websites that make sure of the same Root CA are being reported one as trusted and the other as not trusted. The site reported as not trusted has an EV Certificate if that helps. |
|
What are the sites? |
|
I think we're hitting the recent removal of 1024-bit certs from the Mozilla cert bundle and the fact that OpenSSL doesn't support certificate path discovery. Does it work with my recent change to |
|
Some sites (mostly EV's) have been fixed. Others unfortunately continue to be reported as not trusted.. I am still looking for a better file / solution to this problem as we speak.. |
|
I have manually added the Root CA's again into the |
|
I think I fixed https://www.nbg.gr/ hanging. |
|
Both www.nbg.gr and www.alpha.gr work for me now. |
|
Yup, they seem to work fine. |
|
So, is this issue resolved? |
|
What domains are still failing? |
|
An example is https://www.auth.gr |
|
Evidently that's a recently fixed limitation of OpenSSL. |
Sites with certificates trusted by the latest Mozilla Firefox are being reported as not trusted.
More specifically, I have observed such behavior from
VeriSign Class 3 Public Primary Certification Authority - G5andAddTrust Public Services Rootso far. Will update this bug if I find more root CAs included in themoz-certs.pemand reported as not trusted.The text was updated successfully, but these errors were encountered: