A look at untrusted certificates

Today I did a blog post on how browsers show expired certificates. I figured I would take the opportunity to capture a few of the other failure cases for certificates.


The most severe example is that of an untrusted root certificate, for this scenario I figured the use of https://cacert.org was the most direct example.


There are a few cases where this error condition will come up, for example another one is if a server doesn’t include all of the intermediate certificates the clients cannot determine which Certificate Authority issued the certificate.

According to the current SSL Pulse data about 7.4% of the servers in the Alexa top one million may fall into this case.



Internet Explorer





One thought on “A look at untrusted certificates

  1. Pingback: A look at revoked certificates

Leave a Reply

Your email address will not be published. Required fields are marked *