On 2019-05-05 at 16:22 +0000, Harvey Rothenberg wrote: > To Whom It May Concern, > > I'm receiving a " Warning : Potential Security Rick Ahead " by my use of > FireFox on my Xubuntu 18.04 Laptop (see screenshot below). > >
Thanks Harvey I also receive this error. Seems the webmaster of tiswww.case.edu missed including the intermediate certificate. YMMV, as your browser may have the intermediate cached from visiting other sites, but this *is* misconfigured. See the results at https://www.ssllabs.com/ssltest/analyze.html?d=tiswww.case.edu As they are using Apache (assuming it is doing the TLS termination) this would involve the directive SSLCertificateChainFile, SSLCertificateFile or SSLCACertificateFile, depending on the exact version and personal preferences. Additionally, the linked Qualys tool detected that this server is vulnerable to ROBOT, so perhaps there is an outdated appliance doing the TLS termination in front of the web server. Chet, can you forward this to the case.edu people administrating that server? Kind regards
