|
|
|
|
|
|
by chigley
4408 days ago
|
|
|
I ran the Qualsys SSL Labs test on the site[0]. It reports an incomplete chain; that is, the server doesn't supply the intermediate certificate required (Entrust Certification Authority - L1C) to bridge the gap between the site's certificate and the Entrust certificate in most browser/OS stores. This intermediate certificate must instead be downloaded by the browser. I suspect, therefore, that some browsers do not have the intermediate certificate and so the certificate cannot be validated. [0] https://www.ssllabs.com/ssltest/analyze.html?d=isapps.acxiom... |
|
|
I work for a security company so have zero expectations of privacy when I'm on the corporate network (which I was here) but I also see the same issue on both 3 and EE in the UK.
I don't generally see issues like this on the corporate network so there's something different about this case.
Of course Acxiom really should serve the site and intermediate certificates together to reduce round-trips and speed up the handshake.