Comment #12 on issue 16773 by [email protected]: Certificate revocation issue for one particular site http://code.google.com/p/chromium/issues/detail?id=16773
Some more info: The certificate chain for https://migs.mastercard.com.au/ma/ has five certificates: http://www.valicert.com/ RSA Public Root CA v1 MasterCard Root Public CA MasterCard SSL Sub CA migs.mastercard.com.au None of the certificates specify an OCSP responder URL. The bottom two certificates specify a CRL distribution point URL of http://certificates.mastercard.com/CRL_PUB/. rogerd007 was able to download a CRL from there manually. The certificate in the middle specifies a CRL distribution point URL of http://www.rsasecurity.com/products/keon/repository/certificate_status/RSA_Public_Roo t_CA.crl Perhaps it was this CRL that Chrome could not download. (Chrome checks the revocation status of every certificate in the chain except the root CA certificate.) The top two certificates don't have a CRL distribution point extension. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings -- Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs
