That's pretty shady on Target's part. I'd let their support team know, ASAP.
Taking a quick look, the issuer here is: CN = Verizon Public SureServer EV SSL CA G14-SHA2 OU = Cybertrust O = Verizon Enterprise Solutions L = Amsterdam C = NL You'd have to go out to Verizon's site, grab the intermediate cert and check for yourself if it's valid. Not exactly how it should be. Given Target's historic IT foibles (can we say "credit cards," anyone?), I'm not so inclined to trust their website! The problem isn't at the browser level: if site admins don't provide an intermediate cert, _it's_ _on_ _them_. The whole point of intermediate certificates is that it's _not_ trusted by browsers. That way if an intermediate cert gets compromised, server admins can go get the new one and install it--no reason for every end user on the planet to have to replace it in their browser. John On Fri, Sep 18, 2015 at 11:33 AM, Bill Bogstad <[email protected]> wrote: > At the most recent BBLISA meeting, there a brief discussion of > SSL/certs. Unfortunately, I never asked about an issue that I had > recently with Firefox and certs. It seems that > Firefox is not happy with this site: > > https://help.target.com/ > > when I check it with one of the on-line SSL checking sites, it seems > that Target isn't providing a complete chain back to a root CA. Any > idea how one goes about getting a web site to fix problems like this? > I tried reporting it using a different browser and I got the typical > "reboot your computer, reinstall, etc. etc." response. > > Bill Bogstad > > _______________________________________________ > bblisa mailing list > [email protected] > http://www.bblisa.org/mailman/listinfo/bblisa -- John Miller Systems Engineer Brandeis University [email protected] (781) 736-4619 _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
