ssl trust anchor
Hi Guys,
Trying to view: https://www.pyrtec.com.au/ via firefox on mac (10.7.4), results in a trust anchor error. Site is untrusted, yet in safari (on Mac) shows it is trusted. Also testing on windows with IE, FF, and Safari shows the certificate root is trusted. The certificate is signed by startcom SSL, and is a trusted mozilla root signing authority. Currently running Firefox 12.0 from the release update channel. No new updates available at this time.
Also showing error:
(Error code: sec_error_unknown_issuer)
Although I'm a bit of a loss exactly how to troubleshoot this problem. I have checked the built in firefox certificate tree, and verified both startcomm certificates are there, and it matches the mac built in certificates.
Im a bit stuck as where to go now.
Gewysig op
Gekose oplossing
The HTTPS version of the site doesnt work at all for me and doesnt work with Qualys SSL Labs FairSSL SSL Test either so I guess its a problem with the site itself.
I get these errors on respective sites:
Assessment failed: Unable to connect to server Timeout connecting to the server www.pyrtec.com.au on port 443. Check that the server is accessible from the internet. (o1)
Lees dié antwoord in konteks 👍 0All Replies (4)
Gekose oplossing
The HTTPS version of the site doesnt work at all for me and doesnt work with Qualys SSL Labs FairSSL SSL Test either so I guess its a problem with the site itself.
I get these errors on respective sites:
Assessment failed: Unable to connect to server Timeout connecting to the server www.pyrtec.com.au on port 443. Check that the server is accessible from the internet. (o1)
Gewysig op
Sorry Fixed. Try that again.
I can view the site now on 14.0a2 (2012-05-15)
Gewysig op
I think I noticed a problem with the site, It was using the class1 issuer in the trust chain, and not the class 2 authority, causing (only Mac edition) of Firefox to become upset.
That would appear to be just Firefox being overly sensitive to a slight misconfiguration. Thanks for your website. Did help me determine the problem and haven't come across it yet.