On 09/16/2008 05:12 PM, Fabio Spelta: > Hello everybody and thanks for reading. > > Many educational institutions, among which there are various Italian > universities, are using X.509 certificates issued by the "Cybertrust > Educational CA" for their websites. > In Italy such certificates are obtained mainly through the GARR Italian > Academic& Research Network, www.garr.it. > The Cybertrust Educational certificate can be found at > http://secure.globalsign.net/cacert/sureserverEDU.pem. > That's in turn signed by the "GTE CyberTrust Global Root" certificate. > Please refer to http://secure.globalsign.net/cacert/ct_root.pem. > > While certificates signed by that authority are trusted and seamlessly > accepted by the default installations of Internet Explorer (since > version 6) and now also by Google Chrome, Mozilla Firefox still doesn't > trust them (not even the latest 3.1 alpha2). > > I'm writing to kindly ask you to consider to insert the Cybertrust > Educational certificate in the list of the trusted certificate authorities. > That would be very helpful to all the organizations which use such > certificates for they websites, expecially in view of the growing user > base of Firefox in Italy. > > Should you need further details, don' t hesitate to get in touch with me. >
The CA certificate you referred above is signed by a CA root which is included in NSS. Therefore the error you are seeing is a server side installation failure and the server doesn't send the complete chain. This has been a known issue with Mozilla based products and servers are required to send the chain up to the root. Please contact the administrator of the site and ask to correct this issue. By having a look at this root I realized that the purposes of the certificate show in in Firefox for: SSL Server Certificate Email Signer Certificate Email Recipient Certificate SSL Certificate Authority Status Responder Certificate This is a builtin root! Nelson...can you check out those usages? -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
