Problem with Comodo Extended Validation certificates
Reported by
christop...@gmail.com,
Apr 28 2016
|
||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Example URL: https://www.gandi.net Steps to reproduce the problem: 1. Open up to date Chrome on any Mac OS >= 10.10 Yosemite 2. Navigate to https://www.gandi.net 3. Unable to connect to remote server What is the expected behavior? Remote website should appear. What went wrong? I guess there is a problem with EV certificates using this CA: "COMODO RSA Extended Validation Secure Server CA". Many different Mac users are reporting us this problem. It can be reproduced by visiting: - https://www.easyjet.com - https://www.ikeafoundation.org - https://support.comodo.com - https://www.gandi.net Using command curl inside iTerm it segfault when fetching website above. Like: "curl -v https://www.easyjet.com". Did this work before? N/A Chrome version: 50.0.2661.86 (64-bit) Channel: stable OS Version: 10.10 and above Flash Version:
,
Apr 28 2016
I am having no problem connecting to https://www.gandi.net with Chrome 50.0.2661.86 (64 bit) on OSX 10.11.4 A net-internals trace may help understand the issue here.
,
Apr 28 2016
That was related to a certificates chain loop. The now revoked CA "UTN DATACorp SGC" was used. Users had to remove this CA from their local-personnal trust store. Doing so latest chrome and curl works on https://www.gandi.net. We warned our users: https://wiki.gandi.net/en/gandi/chrome-https-error-mac . Sorry for the noise. This bug can be closed.
,
Dec 21 2016
|
||
►
Sign in to add a comment |
||
Comment 1 by cbentzel@chromium.org
, Apr 28 2016