[BBLISA] solution to web sites with incomplete SSL cert chains
Theo Van Dinter
felicity at kluge.net
Fri Sep 18 13:27:08 EDT 2015
Doing a search around, everything I find seems to go to
http://help.target.com/ -- I can't find anything that references the https
version. How did you end up on their SSL site?
https://www.target.com/ doesn't work either -- the certificate is cn=
a248.e.akamai.net.
https://www-secure.target.com/ redirects to http://www.target.com/, but
some URLs like https://www-secure.target.com/GuestGCCheckBalanceView are
ok. This is working at intended I think.
I'm thinking the issue is less not having the intermediate certificate
available, and more about having sites available via https/443 at all when
they're not meant to be used that way.
On Fri, Sep 18, 2015 at 11:33 AM Bill Bogstad <bogstad at pobox.com> wrote:
> At the most recent BBLISA meeting, there a brief discussion of
> SSL/certs. Unfortunately, I never asked about an issue that I had
> recently with Firefox and certs. It seems that
> Firefox is not happy with this site:
>
> https://help.target.com/
>
> when I check it with one of the on-line SSL checking sites, it seems
> that Target isn't providing a complete chain back to a root CA. Any
> idea how one goes about getting a web site to fix problems like this?
> I tried reporting it using a different browser and I got the typical
> "reboot your computer, reinstall, etc. etc." response.
>
> Bill Bogstad
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.bblisa.org/pipermail/bblisa/attachments/20150918/31b24110/attachment-0001.html>
More information about the bblisa
mailing list