Updates:
Status: Upstream
Comment #5 on issue 25059 by [email protected]: SSL Cert incorrectly(?)
called 'invalid'
http://code.google.com/p/chromium/issues/detail?id=25059
I checked in a change to use cert_pi_useAIACertFetch to work
around this NSS bug. Now Chrome can connect to
https://ecommerce.amga.org/iMISPublic/ with no certificate
error because it downloads the missing intermediate CA
certificate using the URL in the server certificate's "AIA"
extension.
------------------------------------------------------------------------
r30585 | [email protected] | 2009-10-30 09:34:49 -0700 (Fri, 30 Oct 2009) |
15 lines
X509Certificate::Verify should honor the
VERIFY_REV_CHECKING_ENABLED flag. This allows us to enable
part of the X509CertificateTest.PaypalNullCertParsing test
for Linux because the test disables revocation checking,
thereby avoiding the overly strict assertion in nss_ocsp.cc.
Enable cert_pi_useAIACertFetch to fetch missing
intermediate CA certificates.
Handle a non-certificate error reported by PKIXVerifyCert.
R=ukai
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/333033
------------------------------------------------------------------------
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
