Question: SHA-2 Certificates and IIS 6 Issues

Add your own question »

Still looking for the right answer? Log in or Register to ask a question.
  • Like
  • Unlike

Has anyone had fun with FF not trusting the new SHA-2 certs ?
"The certificate is not trusted because the issuer certificate is unknown."
I've added the intermediate certificate and root CA on my web server, but I still get the same issue -
Only FF is affected as I'm guessing it's CA bundle doesn't include the new SHA-2 root CA.


+1 -1


IIS is a pain in the @rse !!!

Basically, make sure you delete the old USERTrustRSAAddTrustCA certificate first via the snap-in.
Otherwise IIS will pick the old incorrect one when it presents the chain (well, it did in my case anyway)...