Summary: | New Verisign signed certificates are not recognized as valid | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Peter Soetens <peter.soetens> |
Component: | general | Assignee: | Brad Hards <bradh> |
Status: | RESOLVED LATER | ||
Severity: | normal | CC: | 1i5t5.duncan |
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | unspecified | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
Peter Soetens
2007-07-03 12:28:19 UTC
I'm running into this issue here as well, also with my bank, Bank of America. Here's their login page, which shows the issue. I've already confirmed other people get the same problem too; you don't have to have an account to see it. https://onlineid.bankofamerica.com/cgi-bin/sso.login.controller?state=AZ It appears to be a (c)05 certificate in my case as well. The bank just updated in August (their cert valid Aug 20, 2007 thru Aug 19, 2008, but that's not the signing cert). Meanwhile, that confirmation from a few others is enough for me to believe I'm not getting hit by a MitM attack, so I can accept the bank's certificate and continue as usual. Duncan As a web developer, I just had this with one of our sites, and it turned out that we were missing an "intermediate" certificate which has to be added to the site's configuration (with an "SSLCertificateChainFile" Apache statement) alongside the usual key and certificate files. No warnings were shown in Internet Explorer 7, but Firefox 2 and 3beta5 both said the issuer was not recognised. It may be worth passing this on to the sites mentionned here, in case they have the same mis-configuration. Cheers, Rowan Collins It works for me in konqueror 4.1b2 svn trunk r813735. None of the sites shows any warnings about ssl certificates and the pages are rendered well. This doesn't look like it is being requested by the CA. |