I get the same results using www.digicert.com/help : Subject AC Secretaria da Receita Federal do Brasil v3 Valid from 21/Oct/2011 to 21/Oct/2021 Issuer Autoridade Certificadora Raiz Brasileira v2
The certificate is not signed by a trusted authority (checking against Mozilla's root store). If you bought the certificate from a trusted authority, you probably just need to install one or more Intermediate certificates. Contact your certificate provider for assistance doing this for your server platform. -----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+ben=digicert....@lists.mozilla.org] On Behalf Of David Keeler Sent: Wednesday, March 26, 2014 12:52 PM To: dev-security-policy@lists.mozilla.org Subject: incomplete certificate chain [was Re: As of Firefox 28, Firefox will not fetch CRLs during EV certificate validation] Accessing https://homologacao.nfce.fazenda.sp.gov.br gives me the same error with Firefox 27 as with more recent versions. It looks like the server isn't sending a complete certificate chain. More specifically, a certificate with common name "Autoridade Certificadora Raiz Brasileira v2" is necessary. There may be more, if that certificate isn't signed by a root in Mozilla's root program. Hope this helps, David On 03/26/14 11:29, fabio.nagam...@gmail.com wrote: > Hi Brian, > I'm developing a Government Website that should be available to any of the main browsers, but our site certificate is not being recognized by Firefox since version 28 (it's OK for IE, Chrome and FF before v.28). To be able to recognize the certificate, our users have to manually import the certificates of all CA's in the chain. > > The site is https://homologacao.nfce.fazenda.sp.gov.br > > Our certificate was issued by brazilian CA "ICP-Brasil" . > > If you log with IE or Chrome you'll be able to download the certificate and check the CA chain. > > I think that if the chain could be added to the list of certificates > it would solve the problem. We have another website that is certified > by Verisign and it works normally > (https://nfe.fazenda.sp.gov.br/ConsultaNFe/consulta/publica/ConsultarN > Fe.aspx) > > Could you please help? I'd like to open a proper change request but I don't know how to do that. > > Thanks in advance, > Fabio _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy