Our sites SSL certificate contains following information
Common Name (CN): VeriSign Class 3 Secure Server CA
Organization (O): VeriSign, Inc.
Organizational Unit (OU): VeriSign Trust Network
This certificate is not accepted by FireFox 2.0.0.x (FF) and Netscape
Navigator (NN). I did not find exact match in trusted authorities tab
of FF/NN
Is there any plan to include this common name in FF by default? Or
should we re-obtain our certificate?
(Our cert works fine in IE 6.x)
Thanks,
Sameer
As far as I know, "VeriSign Class 3 Secure Server CA" is not a root
certificate, but an intermediate certificate that you must install on
your server. See
http://www.verisign.com/support/advisories/page_040611.html
> (Our cert works fine in IE 6.x)
Perhaps you have previously visited another correctly configured web
server? I believe IE caches intermediate certificates it encounters.
--
Hasse
Thanks for your reply. Our team solved this issue by using following
method
SSLCertificateFile server-prod.crt
SSLCertificateKeyFile server-prod.key
SSLCACertificateFile verisign.key
We appended contents of server-prod.crt to verisign.key and used
resulting file as SSLCACertificateFile. Then FF/NN stopped giving any
pop-up. Is this a valid/recommended/documented fix?
Thanks,
Sameer
Sorry, I don't know. But VeriSign support ought to be able to help you
with that.
--
Hasse