Eddy Nigg schrieb am 09.04.2010 15:14:
On 04/09/2010 04:05 PM, Ulrich Boche:
I'm not sure what the right newsgroup for this problem is. If I'm not
at the right place here, please let me know.
Apparently, the the CA root certificates that are supplied with
Firefox 3.6.3 are different from those that come with Thunderbird
3.0.4. The following CA certificate:
CN = VeriSign Class 3 Secure Server CA - G2
is not supplied with Thunderbird 3.0.4. I'm getting emails regularly
with remote content from "https://service.lbb.de"; that causes "Secure
connection failed" messages because the server certificate is signed
by the above CA certificate.
If I navigate to the same website with Firefox 3.6.3, the SSL
handshake is successful because the CA certificate is present.
What needs to be done to get this remedied?
I suspect that might be because the server doesn't send the complete CA
chain.
According to Firefox, the complete chertificate chain is:
service.lbb.de
VeriSign Class 3 Secure Server CA - G2
Builtin Object Token: Verisign Class 3 Public Primary Certification
Authority - G2
The certificate I listed is only the intermediate CA certificate, but
the problem remains: the root CA certificate is missing in Thunderbird.
--
Ulrich Boche
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
