Your connection is not secure
Firefox blocks: https://vip.vba.va.gov/portal/VBAH/VBAHome/condopudsearch, and https://vip.vba.va.gov/portal/VBAH/VBAHome/buildersearch "Your connection is not secure" Advanced Tab cites "vip.vba.va.gov uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported." Error code: SEC_ERROR_UNKNOWN_ISSUER
However, IE 11 has no issue accessing the websites.
Keazen oplossing
Servers are supposed to send not just their own certificate, but any intermediate certificate(s) necessary to link the site's certificate with an ultimate authority that browsers trust. IE has a feature to compensate for an incomplete chain of trust, but Firefox doesn't fill in gaps that way.
This site shows that there is a way to collect different signing certificates to confirm that it should be trusted, but there are multiple steps: https://www.ssllabs.com/ssltest/analyze.html?d=vip.vba.va.gov&s=152.132.104.3&latest
I think that means it's currently safe to make a temporary exception for the site. But if they could "clean up their act" that would be great.
Dit antwurd yn kontekst lêze 👍 0Alle antwurden (2)
Keazen oplossing
Servers are supposed to send not just their own certificate, but any intermediate certificate(s) necessary to link the site's certificate with an ultimate authority that browsers trust. IE has a feature to compensate for an incomplete chain of trust, but Firefox doesn't fill in gaps that way.
This site shows that there is a way to collect different signing certificates to confirm that it should be trusted, but there are multiple steps: https://www.ssllabs.com/ssltest/analyze.html?d=vip.vba.va.gov&s=152.132.104.3&latest
I think that means it's currently safe to make a temporary exception for the site. But if they could "clean up their act" that would be great.
Thank you for the info and the link.