Confirmed users, Administrators
5,526
edits
PSM:EV Testing Easy Version: Difference between revisions
Jump to navigation
Jump to search
m
updated for new tool
m (clarification) |
m (updated for new tool) |
||
| Line 32: | Line 32: | ||
* The EV Policy OID in the end-entity and intermediate certificates must match the EV Policy OID that you enter. (Note: the intermediate cert can use the anyPolicy oid rather than the EV policy oid.) | * The EV Policy OID in the end-entity and intermediate certificates must match the EV Policy OID that you enter. (Note: the intermediate cert can use the anyPolicy oid rather than the EV policy oid.) | ||
** SEC_ERROR_POLICY_VALIDATION_FAILED error may mean that the intermediate certificate being sent by the server doesn't have a certificate policies extension, or has an incorrect policy OID. | ** SEC_ERROR_POLICY_VALIDATION_FAILED error may mean that the intermediate certificate being sent by the server doesn't have a certificate policies extension, or has an incorrect policy OID. | ||
* If the test website cannot be reached by the server hosting the tool, check to see if you have a firewall preventing access | * If the test website cannot be reached by the server hosting the tool, check to see if you have a firewall preventing access. If you are unable to create a test website that can be reached by the server hosting the tool, then you can download a copy of the [https://github.com/mozilla/tls-observatory source code] for the tool, compile it, and run it on your own server. | ||
* Still failing? Try testing with https://certificate.revocationcheck.com/ because frequently resolving the errors listed on that page will resolve problems with EV testing. | * Still failing? Try testing with https://certificate.revocationcheck.com/ because frequently resolving the errors listed on that page will resolve problems with EV testing. | ||