Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

Firefox for Mac doesn't recognize a valid SSL certificate

more options

Firefox for Mac does not recognize the valid SSL certificate for this site, which I manage: https://www.georgeglazer.com. It gives an "untrusted" warning. However, Firefox for Windows does not give a warning. This happens even if I clear the cache and it happens in both the Mavericks and Yosemite OS. The certificate is up to date and is with Comodo. Firefox for Mac is now the only browser producing these errors (v. 39, up to date) -- Internet Explorer, Safari and Chrome do not. Our hosting provider said that it is probably a browser issue, perhaps having to do with the intermediate certificates in Firefox being out of date. I really hope you'll fix this, as it's annoying to us when we're doing the right thing by our customers and paying for the SSL certificate. I have attached a picture of the warning and another of what you see on a PC: a pop-up that says it's a verified SSL certificate and gives the details about the issuer, period of validity, etc.

Firefox for Mac does not recognize the valid SSL certificate for this site, which I manage: https://www.georgeglazer.com. It gives an "untrusted" warning. However, Firefox for Windows does not give a warning. This happens even if I clear the cache and it happens in both the Mavericks and Yosemite OS. The certificate is up to date and is with Comodo. Firefox for Mac is now the only browser producing these errors (v. 39, up to date) -- Internet Explorer, Safari and Chrome do not. Our hosting provider said that it is probably a browser issue, perhaps having to do with the intermediate certificates in Firefox being out of date. I really hope you'll fix this, as it's annoying to us when we're doing the right thing by our customers and paying for the SSL certificate. I have attached a picture of the warning and another of what you see on a PC: a pop-up that says it's a verified SSL certificate and gives the details about the issuer, period of validity, etc.
Приложенные скриншоты

Выбранное решение

COMODO should have sent you a link to download the "bundle file" containing the intermediate certificates. That needs to go into the same directory as your site's certificate. If you are using a control panel, your host probably can help with that process. And if you bought it through them, shame on them for not taking care of this for you already!

Прочитайте этот ответ в контексте 👍 1

Все ответы (2)

more options

The www.georgeglazer.com server doesn't send a required intermediate certificate.

  • COMODO RSA Organization Validation Secure Server CA

You can inspect the certificate chain via a site like this:

You can export the missing intermediate certificate on the Windows computer and import the certificate in the Firefox Certificate Manager under the Authorities tab.

  • Firefox > Preferences > Advanced > Certificates: View Certificates

Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future use. Stored intermediate certificates show as "Software Security Device" in the "Security Device" column in the Certificate Manager. A server needs to send the full certificate chain that includes all required intermediate certificates. If a server doesn't send a full certificate chain then you wouldn't get an untrusted error if Firefox has stored missing intermediate certificates by visiting a server in the past that has send this certificate, but you do get an untrusted error if this intermediate certificate isn't stored yet.

more options

Выбранное решение

COMODO should have sent you a link to download the "bundle file" containing the intermediate certificates. That needs to go into the same directory as your site's certificate. If you are using a control panel, your host probably can help with that process. And if you bought it through them, shame on them for not taking care of this for you already!