[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Missing SSL/https root cert(s)?

Hi Celejar,

>>> Although everything works properly for actual (human) users, a 
>>> coworker has informed me that some of his automated tests are 
>>> failing with invalid https certificate errors.  I checked and, sure 
>>> enough, it's not just his tests:

> To elaborate on / add to this: there's also something called Authority Information Access (AIA), which allows the client to locate a missing intermediate certificate on its own:
> https://www.thesslstore.com/blog/aia-fetching/

Thanks for answering this post as full as you did. I did not know about AIA fetching and it now solves something I had noticed before but never found out why.
Now I know. :-)

I understand finding the balance between a proper configured (web) server and trying to make users don't have problems with misconfigured servers. The same discussion has been going on with what a mail server/client should accept and try to interpret when the sender does not follow the proper rules.

Met vriendelijke groet,
Bonno Bloksma
senior systeembeheerder
Reply to: