Firefox users are getting the message This connection is untrusted when going to our web site. under the technical details section it lists the reason as "The certificate is not trusted because the issuer certificate is unknown." We just installed new certs yesterday. Other browsers don't seem to be having this problem. Can anyone shed some light?
4
-
IE11 indicates the CA isn't trusted.– RamhoundCommented Feb 18, 2015 at 17:45
-
@Ramhound, what are you clicking in IE to see this?– Mr. B-BCommented Feb 18, 2015 at 18:12
-
I click on the red icon that is shown when the IE determines there is a problem with the secure connection. I can confirm the CA used isn't trusted by the computer I am working on ( by default ). Firefox uses its own certificate store. Chrome and IE uses the OS certificate store.– RamhoundCommented Feb 18, 2015 at 18:35
-
Check this support.mozilla.org/en-US/kb/connection-untrusted-error-message can get you with some idea.– BDRSuiteCommented Feb 18, 2015 at 18:35
Add a comment
|
1 Answer
According to the report from ssllabs you are missing chain certificates. This way browsers which do not have the missing intermediates certificates cached and which don't download them can not verify the certificate chain.
Apart from that you better make lots of improvements for this site:
- SSLv3 is still enabled (broken)
- RC4-MD5 as preferred cipher (weak)
