This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Certificate Authority missing in Firefox 7.01 from Fedora 16

  • 3 replies
  • 2 have this problem
  • 3 views
  • Last reply by cor-el

more options

Hi,

On Fedora 16 (with all updates), Firefox 7.0.1, connecting to: https://www4.usbank.com results in an error message "This connection is untrusted" and "The certificate is not trusted because no issuer chain was provided" The CA for the certificate is: VeriSign Class 3 Extended Validation SSL CA which is not in listed under Authorities in Certificate Manager.

On Windows 7 (with all updates), Firefox 8.0, the CA is listed under Authorities in Certificate Manager and there is no error connecting to the usbank site.

Is there a reason Firefox 7.0.1 does not include the above CA? If not, how do I update the CA list?

Thanks, Mike

Hi, On Fedora 16 (with all updates), Firefox 7.0.1, connecting to: https://www4.usbank.com results in an error message "This connection is untrusted" and "The certificate is not trusted because no issuer chain was provided" The CA for the certificate is: VeriSign Class 3 Extended Validation SSL CA which is not in listed under Authorities in Certificate Manager. On Windows 7 (with all updates), Firefox 8.0, the CA is listed under Authorities in Certificate Manager and there is no error connecting to the usbank site. Is there a reason Firefox 7.0.1 does not include the above CA? If not, how do I update the CA list? Thanks, Mike

Chosen solution

That is a problem with that server.

A server should send a full certificate chain with all required certificates and this server doesn't send the "VeriSign Class 3 Extended Validation SSL CA" certificate.

You can inspect the certificate chain via a site like this:

Read this answer in context 👍 0

All Replies (3)

more options

Chosen Solution

That is a problem with that server.

A server should send a full certificate chain with all required certificates and this server doesn't send the "VeriSign Class 3 Extended Validation SSL CA" certificate.

You can inspect the certificate chain via a site like this:

more options

Makes sense. Thanks!

more options

You're welcome.

You can contact the site and tell them about this omission, so they can correct it.