Bug#670882: libnss3-1d: Iceweasel says that various sites use an invalid security certificate

Vincent Lefevre vincent at vinc17.net
Wed Aug 29 21:22:06 UTC 2012


On 2012-05-01 02:59:12 +0200, Vincent Lefevre wrote:
> The problem seems to be that the new libnss3-1d is confused by
> intermediate certificates from cert8.db that are in the chain.
> 
> For instance, if I remove the UTN-USERFirst-Hardware certificate
> with
> 
>   certutil -D -d .mozilla/firefox/xwsukxd4.test6/ -n UTN-USERFirst-Hardware
> 
> the problem disappears on <https://www.zeroforfait.fr/>.

Could this be the same problem as:

  https://bugzilla.mozilla.org/show_bug.cgi?id=634074

It looks very similar, with cert8.db involved in both cases.

-- 
Vincent Lefèvre <vincent at vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)



More information about the pkg-mozilla-maintainers mailing list