sábado, 10 de septiembre de 2011

G2-G5 cert problems, Verising again!!!

One year ago Verising Corporation changed those intermediate certificates, those certificates are use for ours internet browsers, mobile devise and all encrypted communications to build the secure connection with client-server authentication (certificate and entities certificate authority to build the chain authentication method).


The fist problem was with G5 cert:

http://treadstoneso.blogspot.com/2011/05/connection-broken-between-isa-fw-and.html

VeriSign Class 3 Public Primary Certification Authority - G5 (serial number)

1b 09 3b 78 60 96 da 37 bb a4 51 94 46 c8 96 78 --- wrong cert

18 da d1 9e 26 7d e8 bb 4a 21 58 cd cc 6b 3b 4a--- wrong cert

‎25 0c e8 e0 30 61 2e 9f 2b 89 f7 05 4d 7c f8 fd --- correct cert

Now there is a problema with G2 certificate:

Problem

VeriSign G2 root not installed in Windows Mobile 5 and Mobile 6 causing trust and synchronization issues.

Windows Mobile

Cause

Verisign G2 root not installed on devices using Windows Mobile 5 and Mobile 6.

Resolution

NOTE: This solution can be used for Secure Site certificates issued via Retail Channels and for Standard certificates issued via Managed PKI for SSL accounts.

Remove all copies of the original VeriSign Class 3 Secure Server CA-G2 intermediate certificate from the server and replace with the Alternate VeriSign Class 3 Secure Sever CA-G2 intermediate. Create a Certificate Snap-in in the Microsoft Management Console (MMC) and remove the original VeriSign Class 3 Secure Server CA-G2 and import the Alternate VeriSign Class 3 Secure Sever CA-G2 in the Intermediate Certification Authorities > Certificate store in MMC. Solution
SO6127 provides instructions on using the MMC.


The original VeriSign Class 3 Secure Server CA-G2 has the following properties:

Issued to: VeriSign Class 3 Secure Server CA-G2

Issued by: VeriSign Trust Network

Serial Number: 6e 4f fa b3 c5 e6 69 c4 d1 67 c9 92 ab e8 58 c4 – wrong

The Alternate VeriSign Class 3 Secure Server CA-G2 has the following properties:

Issued to: VeriSign Class 3 Secure Server CA-G2

Issued by: Class 3 Public Primary Certification Authority

Serial Number: 1b 3a 7b f0 d1 d1 6e 32 3d fe 08 8e e5 cf cc 7c --- correct


https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO13347&actp=search&viewlocale=en_US