搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

Untrusted connection on Firefox 35.01 on ubuntu 14.04 LTS

  • 9 回覆
  • 1 有這個問題
  • 12 次檢視
  • 最近回覆由 John99

more options

when I go to the site https://adium.im I get the message "This cinnection is untrusted" even though another browser on the same machine and other workstations using the same network do not have this error running Firefox.

I have tried removing the cert.db file and a reset of firefox with no effect.

when I go to the site https://adium.im I get the message "This cinnection is untrusted" even though another browser on the same machine and other workstations using the same network do not have this error running Firefox. I have tried removing the cert.db file and a reset of firefox with no effect.

由 Mace2 於 修改

所有回覆 (9)

more options
more options

The adium.im server doesn't send required intermediate certificate(s).

You can inspect the certificate chain via a site like this:

The server always needs to install all intermediate certificates.

Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future usage. If a server doesn't send a full certificate chain then you won't get an untrusted error when Firefox has stored missing intermediate certificates from visiting a server in the past that has send it, but you do get an untrusted error if this intermediate certificate isn't stored yet.


由 cor-el 於 修改

more options

When I run the web http://www.networking4all.com/en/support/tools/site+check/ i get the following

Error while checking the SSL Certificate!!

The SSL Certificate we found on this site is not meant for adium.im, probably this is another site on the same server.

We advise you not to submit any confidential or personal data to this website because a secure connection could not be established with this website.

   - SSL Certificate is not expired
   - Site is not listed in the certificate
   - Organisation details are not listed
   - Encryption strength is at least 2048-bit
   - Signature Algorithm is strong
   - Accepting only high encryption cipher suites
   - No connection upgrade to 128-bit for old browsers
   - No Extended Validation on company details
   - No Debian weak key present
   - No known security issues for this Certificate Authority

However my Mac running Firefox 31.4 ESR doesnt show any error when I open the web site adium.m it shows up as "https://adium.im" . Also Chrome shows no error opening the web site. See enclosed file.

more options
  • "site is not listed in the certificate" was flagged description but did not show on my posting
more options

You need to place www. in front of the URL to avoid this certificate error: www.adium.im

As I posted above, it is always possible that you have visited a server before that has send this intermediate certificate. Firefox stores intermediate certificates that are send by the server to have them available for future visits to a website that uses them. Such issues should always be tested in a new profile or with the cert8.db file temporarily renamed.

more options

This is clearly a problem with firefox on Ubuntu. I have tried another firefox on a another machine and the same problem. Only on Ubuntu

more options

Seems it is not all Ubuntu

I have no issue with that site using Ubuntu 14.04 in Firefox Release 35.01 (fx35 still - not yet fx36) Canonical build, from the distro.

more options

John 99 when you say you have no issue with the site can you connect to https://www.adium.im with a proper https connection with no untrusted errors?

I have reinstalled Ubuntu 14.04 lts and have the same error message. Since firefox keeps its own certs how can this be verified as a valid https site?

more options

I am not getting untrusted errors on https://www.adium.im/

I do note on checking with http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=https%3A%2F%2Fwww.adium.im%2F&protocol=https

I do get

- Site is not listed in the certificate

As can be seen above I did that check including https://www...

General info
The SSL Certificate for *.adium.im is signed by COMODO RSA Domain Validation Secure Server CA wich is signed by GlobalSign Root CA . The SSL Certificate will expire on Thursday 25 June 2015 this means it is still valid for 117 days. 
....
Subject Alternative Name (SAN)
This SSL Certificate has 2 subject alternative name(s). This means that this SSL Certificate is not only valid for *.adium.im but in this case also for the alternative names *.adium.im, adium.im  

I guess I had visited the server before, whilst looking at this thread. With another instance of Firefox open using a new profile I do get an error

www.adium.im uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)