SSL certificate issue with abrowser
- Inicie sesión o regístrese para enviar comentarios
I am a translator!
With ecne, when I try accessing https://www.registre-copropriete.gouv.fr (French government website for condominium administration information, on which I need to update information) from abrowser, I have a message SEC_ERROR_UNKNOWN_ISSUER. When I ask to display the certificate, I see four tabs. The third tab looks identical to the first tab, and the fourth tab looks identical to the second tab. I include screen captures of the first and second tabs.
I tried with icecat and with torbrowser installed from guix, I have exactly the same. With ungoogled chromium, I don't have any kind of error message. I tried with Fennec (based on Firefox) on my Android phone, there is also no issue.
How can I see in the abrowser message what is considered wrong exactly? Do the exclamation marks indicate that the website is sending something that abrowser does not understand? Or is it something else? How can I check that?
| Adjunto | Tamaño |
|---|---|
| ca-1.png | 127.9 KB |
| ca-2.png | 96.18 KB |
| ca-3.png | 66.14 KB |
| ca-4.png | 101.84 KB |
| ca-5.png | 30.16 KB |
I can't tell what it says in French, I tried the site and it seems down to me. I am not sure why.
EDIT:
I see now the link you posted was incorrect and missing the 's'.
https://www.registre-coproprietes.gouv.fr/
Error code: SEC_ERROR_UNKNOWN_ISSUER
The issuer being Certigna. We might not have their ssl certificates for abrowser. I wonder how to use the ones for ungoogled-chromium.
I am a translator!
$ ls -la /usr/share/ca-certificates/mozilla/Certigna* -rw-r--r-- 1 root root 1330 sept. 14 2024 /usr/share/ca-certificates/mozilla/Certigna.crt -rw-r--r-- 1 root root 2264 sept. 14 2024 /usr/share/ca-certificates/mozilla/Certigna_Root_CA.crt
It seems there are those certificates.
I get nothing, could it be that the site is down?
Same here.
I am a translator!
Sorry, the correct address is https://www.registre-coproprietes.gouv.fr (was missing an s).
It may be a custom SSL vendor not added recently for the ca-certificates package.
Many apps, not only browsers, have custom ssl repositories, so they don't rely on the certs system database.
Ungoogled-chromium might be using chromium's cert database. Firefox (snap) seems to be using a custom db.
If you try Abrowser / IceCat even Firefox-ESR (Debian), who stick to the ca-certificates package content. Then you'll see the error you show.
Seems like the site also might have issues providing a full chain, that could be related too.
You could manually pull and install the ssl cert, then update the database and it should be working for your system.
If you might ask, Debian ca-certificates package latest date/version is: 20250419
And even it has issues with the cert
I wonder if it's just a matter of dates? As in adding the certificate on June 2025, and not been validated 'til the next releases pops up. :-/