Accessing https://homologacao.nfce.fazenda.sp.gov.br gives me the same error with Firefox 27 as with more recent versions. It looks like the server isn't sending a complete certificate chain. More specifically, a certificate with common name "Autoridade Certificadora Raiz Brasileira v2" is necessary. There may be more, if that certificate isn't signed by a root in Mozilla's root program.
Hope this helps, David On 03/26/14 11:29, [email protected] wrote: > Hi Brian, > I'm developing a Government Website that should be available to any of the > main browsers, but our site certificate is not being recognized by Firefox > since version 28 (it's OK for IE, Chrome and FF before v.28). To be able to > recognize the certificate, our users have to manually import the certificates > of all CA's in the chain. > > The site is https://homologacao.nfce.fazenda.sp.gov.br > > Our certificate was issued by brazilian CA "ICP-Brasil" . > > If you log with IE or Chrome you'll be able to download the certificate and > check the CA chain. > > I think that if the chain could be added to the list of certificates it would > solve the problem. We have another website that is certified by Verisign and > it works normally > (https://nfe.fazenda.sp.gov.br/ConsultaNFe/consulta/publica/ConsultarNFe.aspx) > > Could you please help? I'd like to open a proper change request but I don't > know how to do that. > > Thanks in advance, > Fabio _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
