New Network Solutions ssl certificate might cause problems with applets
Network Solutions switched it’s top level certificate authority from GTE to AddTrust.. That’s fine if your web application doesn’t use any applets. AddTrust is not included in Java certificate chain prior to Java 1.5. So, if your clients have old version of java installed, they will keep getting a security warning each time they invoke applet on your secure web page. It’s not documented anywhere on Net Solutions’ site.
Category: Software, Web One comment »
June 25th, 2007 at 7:47 pm
That is the least of the problems. I recently ran into major problems with their new root/chain.
Prior to 1.5 is not correct. Priory to 1.5.0_09 which MANY business are using is more like it. Not only that, older installations of openssl will also have issues. That means many php and perl apps will break in addition to weblogic, jboss, websphere and so on. Just upgrade? Not that easy, as any development org knows.
Windows workstations using MSIE6 SP1 or older will not be able to deal with their new root as well.
This is not the only problem. Java prior to version 1.6 will not be able to deal with EV SSL certs at all.
Network Solutions is trying to force the world to upgrade all their machines. As much as I would like that to happen, we know it will not.
I believe this is just the tip of the iceberg. They really should have kept the GTE cert as long as possible. Many people are going to be forced to either go to Verisign (expensive) or GoDaddy (omg no!).