Uploaded image for project: 'Mojang Web Services'
  1. Mojang Web Services
  2. WEB-196

Mojang servers appear to be handing out incorrect SSL certificates

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Awaiting Response
    • Icon: Normal Normal
    • None
    • None

      https://bugreports.qt.io/browse/QTBUG-42134 for details.

      relevant response from QT devs is:

      Richard Moore added a comment - 22/Oct/14 10:42 PM
      The server is configured incorrectly. It should be sending leaf and intermediate certificates, but not the root certificate since that needs to be in the trust store. This isn't a bug in Qt.
      You can see the problem here:
      Certificate chain
      0 s:/OU=Domain Control Validated/CN=*.mojang.com
      i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure Certificate Authority - G2
      1 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure Certificate Authority - G2
      i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
      2 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
      i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
      3 s:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
      i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
      The server should only be sending the first two certificates, not the 3rd which is the root.

            mojangweb [Mojang] Web Team
            goochmi Michael Gooch
            Votes:
            2 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: