Certificate signed by unknown certifying authority

Hi Timmy, and a warm welcome to the forums! 🙂

I'm not an expert on this, but from what I gather their Certificate is signed by Entrust, and you need to get Entrust/Donegal help as to why.

Not certain, but it doesn't quite look like they use the standard x.509...

http://www.imc.org/ietf-pkix/old-archive-98/msg02697.html

Of course you can choose to accept the Certificate if you're certain it's the right site & not a spoof.

i thought Apple is supposed to supply a wide variety of root certs by default.

They do include many, but from my reading about Entrust, is that they do not use the x509 standard for some reason.

Yep, just did, here's from Firefox 3.0.5/10.5.6 fully updted...

Secure Connection Failed

www.donegalgroup.com uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown.

(Error code: sec error_unknownissuer)

* This could be a problem with the server's configuration, or it could be someone trying to impersonate the server.

* If you have connected to this server successfully in the past, the error may be temporary, and you can try again later.

Or you can add an exception…

Haven't looked into that actually, but just tested Safari in 10.5.6 and got the same exact warning.

I am seeing the same error in Firefox 3.X under Windows XP, so I think the issue of whether it is using the Keychain in OS X, or not, is moot. Ironically enough, I found this discussion because I did a search for "entrust firefox certificate error". This was the first result returned, and the site I am having problems with is the same one mentioned originally 🙂

Hi salmonoid, and a warm welcome to the forums! 🙂

Thanks, I was trying to say it seemed a mot point too, but didn't exactly.

I do think for certain now that they use a non-standard way of Certifying.