Re: Missing SSL/https root cert(s)?
On Fri, 21 May 2021 06:02:10 +0000
Bonno Bloksma <b.bloksma@tio.nl> wrote:
> Hi Celejar,
>
> >>> Although everything works properly for actual (human) users, a
> >>> coworker has informed me that some of his automated tests are
> >>> failing with invalid https certificate errors. I checked and, sure
> >>> enough, it's not just his tests:
>
> > To elaborate on / add to this: there's also something called Authority Information Access (AIA), which allows the client to locate a missing intermediate certificate on its own:
> > https://www.thesslstore.com/blog/aia-fetching/
>
> Thanks for answering this post as full as you did. I did not know about
> AIA fetching and it now solves something I had noticed before but never
> found out why.
> Now I know. :-)
Hey, I had never heard of it either - I was just intrigued by the
puzzle the OP presented, so I dug around a bit ;)
> I understand finding the balance between a proper configured (web)
> server and trying to make users don't have problems with misconfigured
> servers. The same discussion has been going on with what a mail
> server/client should accept and try to interpret when the sender does
> not follow the proper rules.
>
> Met vriendelijke groet,
> Bonno Bloksma
> senior systeembeheerder
Celejar
Reply to: