[RndTbl] Browser not receiving entire certificate chain?
Dan Keizer
dan at keizer.ca
Fri Jun 12 15:14:46 CDT 2015
Works fine with all 3 browsers I tried ... chrome Firefox and ie ...
Dan
On Fri, Jun 12, 2015, 14:19 Wyatt Zacharias <wyatt at magitech.ca> wrote:
> So we recently upgraded our SSL certificate to SHA256 to meet Google's new
> security policies,
> and now we're getting very isolated incidents where browsers do not trust
> the new certificate because
> the don't trust the CA that issued them. It first started from on a couple
> of our internal workstations
> but we now have a customer with the same issue. From what I can see, it
> looks like the browser is
> not seeing the first certificate in the chain, which is the Verisign root
> certificate, and then it doesn't
> trust the rest of the chain.
>
> Here's what our correct chain looks like:
> [image: Inline image 1]
>
> And here's what I see on the clients with the error:
> [image: Inline image 2]
>
> Could it be an issue on the Apache end, or maybe an obscure issue with
> Internet explorer?
> It's odd that I don't even see the first certificate in the chain marked
> as invalid, I just don't see
> a certificate at all.
>
> If anyone cares to give it try for themselves, https://www.mb.bluecross.ca
> let me know if you get
> an error.
>
> --
> Wyatt Zacharias
>
> _______________________________________________
> Roundtable mailing list
> Roundtable at muug.mb.ca
> http://www.muug.mb.ca/mailman/listinfo/roundtable
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20150612/d3c55386/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 10917 bytes
Desc: not available
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20150612/d3c55386/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 15084 bytes
Desc: not available
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20150612/d3c55386/attachment-0003.png>
More information about the Roundtable
mailing list