Firefox for Mac doesn't recognize a valid SSL certificate
Firefox for Mac does not recognize the valid SSL certificate for this site, which I manage: https://www.georgeglazer.com. It gives an "untrusted" warning. However, Firefox for Windows does not give a warning. This happens even if I clear the cache and it happens in both the Mavericks and Yosemite OS. The certificate is up to date and is with Comodo. Firefox for Mac is now the only browser producing these errors (v. 39, up to date) -- Internet Explorer, Safari and Chrome do not. Our hosting provider said that it is probably a browser issue, perhaps having to do with the intermediate certificates in Firefox being out of date. I really hope you'll fix this, as it's annoying to us when we're doing the right thing by our customers and paying for the SSL certificate. I have attached a picture of the warning and another of what you see on a PC: a pop-up that says it's a verified SSL certificate and gives the details about the issuer, period of validity, etc.
被采纳的解决方案
COMODO should have sent you a link to download the "bundle file" containing the intermediate certificates. That needs to go into the same directory as your site's certificate. If you are using a control panel, your host probably can help with that process. And if you bought it through them, shame on them for not taking care of this for you already!
定位到答案原位置 👍 1所有回复 (2)
The www.georgeglazer.com server doesn't send a required intermediate certificate.
- COMODO RSA Organization Validation Secure Server CA
You can inspect the certificate chain via a site like this:
You can export the missing intermediate certificate on the Windows computer and import the certificate in the Firefox Certificate Manager under the Authorities tab.
- Firefox > Preferences > Advanced > Certificates: View Certificates
Firefox automatically stores intermediate certificates that servers send in the Certificate Manager for future use. Stored intermediate certificates show as "Software Security Device" in the "Security Device" column in the Certificate Manager. A server needs to send the full certificate chain that includes all required intermediate certificates. If a server doesn't send a full certificate chain then you wouldn't get an untrusted error if Firefox has stored missing intermediate certificates by visiting a server in the past that has send this certificate, but you do get an untrusted error if this intermediate certificate isn't stored yet.
选择的解决方案
COMODO should have sent you a link to download the "bundle file" containing the intermediate certificates. That needs to go into the same directory as your site's certificate. If you are using a control panel, your host probably can help with that process. And if you bought it through them, shame on them for not taking care of this for you already!