My bank told me that the "invalid security certificate" message I'm getting "is occurring only with the Firefox" and to switch browers. Are they BSing me?
I informed my bank:
scotiarewards.scotiabank.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer)
Their response was:
"We have since learned that the problem is occurring only with the Firefox browser. We do not support Firefox and suggest you use an alternate browser such as Internet Explorer."
So what I would like to know is, are they trying to skirt around their certificate by not making it a security issue?
Opaite Mbohovái (2)
Their certificate appears to be fine. The issue is that Firefox doesn't know anything about the organisation which issued the certificate ("Entrust Certification Authority - L1K"). I don't know why, but hopefully someone else can add more information as to why this might be.
You can safely continue to use your banks site in Firefox though.
See also how SSL test sites see this server.
- https://www.ssllabs.com/ssltest/analyze.html?d=scotiarewards.scotiabank.com
- http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=scotiarewards.scotiabank.com&protocol=https
You can copy the certificate data to a .crt text file and import the files in the Certificate Manager to make Firefox trust this server.
- EntrustCertificationAuthority-L1K.crt
do not set any trust bits for intermediate certificates - EntrustRootCertificationAuthority-G2.crt
set the first trust bit to make Firefox use this certificate as root certificate to trust websites
- Tools > Options > Advanced > Certificates: View Certificates