Firefox Quantum detects only the first member in certificate chain
Hi, on our website https://iva2018.westernsydney.edu.au we have installed the certificate (it does not encrypt images but we are fine with that).
We have a problem with Firefox on MAC which only detects the first member of certificate chain and gives away the "Error code: SEC_ERROR_UNKNOWN_ISSUER"
Attached are the two images, first is the certificate chain from Firefox and then from Chrome. It works also on Safari. We had no issues on Firefox on Windows.
Any idea what is the problem? Thanks
Kind regards
Alla svar (3)
There is security software like Avast and Kaspersky and BitDefender and ESET that intercepts secure connections and sends their own certificate or that incorporates special web shielding features that can block content.
You may have to visit the forum of your security program after updating and checking first.
https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER
Please let us know if this solved your issue or if need further assistance.
See:
The server does not support Forward Secrecy with the reference browsers. MORE INFO » This server's certificate chain is incomplete. Grade capped to B. This site works only in browsers with SNI support. DNS Certification Authority Authorization (CAA) Policy found for this domain. MORE INFO »
Guys, thanks for super fast answer. Unfortunately neither leads to the solution. I am NOT using any security program, I have almost clean install of High Sierra. As mentioned, the site works on ALL other browsers, including Firefox on Windows. This issue happens only on MAC.
I performed the SSL report as well and it seems that the site only does not provide the lead-up certificate and extra download is needed, but that should not stop browser from detecting the full chain no?