Windows LiveWindows Live
 
 
Randy's profileRandy WalkerPhotosBlogNetworkMore Tools Help

Blog
    March 20

    New FedEx SSL Cert is bound to cause problems

    Having done some thorough research with code signing certifications and SSL certs, am I wrong in thinking that FedEx has royally screwed up?  I had to double and triple check that the link provided wasn’t a phishing attack of some sort, and it all looks valid.  Forcing your customers to install a cert that doesn’t have a root already installed in Windows is major trouble!  Why would VeriSign sell FedEx such a crappy product?

    I have a cheap Comodo SSL cert for my Exchange server, and it wreaks all sorts of havok when connecting my Windows Mobile device to it.  Someone has made a very poor decision, or perhaps I’m missing something.

    Dear Valued FedEx Customer:

    Please ensure that your appropriate team members (e.g., Application Server Administrators) are aware of the following FedEx planned update:

    Chained Secure Socket Layer (SSL) Test Certificate Update

    In order to maintain customer confidence in our Web connections, FedEx is renewing our SSL certificate with VeriSign, a trusted certificate holding authority.  FedEx moved to a chained SSL certificate type for our test environment on Mar. 19, 2009, and will move for our production environment on Aug. 1, 2009.  This transition is due to the FedEx certificate holding authority transitioning from non-chained to chained Web server SSL certificates.

    Customers using custom interfacing applications will need to verify that their systems support chained certificates.  For web servers that do not support chained certificates, administrators should contact their server software provider for technical assistance.  If you are unsure whether your application works with chained certificates, it is recommended that you test your application in the FedEx test environment.  Applications should be redirected to gatewaybeta.fedex.com for testing. 

    Customers needing a local copy of the FedEx test certificate installed on their system can download the updated certificate here or by typing the link http://fedex.com/us/developer/downloads/dev_cert.zip into your browser.  A separate certificate will need to be installed for production.  We will notify you when the production certificate is available for download.  FedEx supplied API clients (e.g., ATOM) are not affected by these changes.

    If you have any questions or need technical assistance, please contact the FedEx Help Desk at 1.877.339.2774 or send an e-mail to websupport@fedex.com.

    Thank you for choosing FedEx.

    The FedEx Web Integration Solutions Team

    5:41 PM | Blog it

    Comments

    Please wait...
    Sorry, the comment you entered is too long. Please shorten it.
    You didn't enter anything. Please try again.
    Sorry, we can't add your comment right now. Please try again later.
    To add a comment, you need permission from your parent. Ask for permission
    Your parent has turned off comments.
    Sorry, we can't delete your comment right now. Please try again later.
    You've exceeded the maximum number of comments that can be left in one day. Please try again in 24 hours.
    Your account has had the ability to leave comments disabled because our systems indicate that you may be spamming other users. If you believe that your account has been disabled in error please contact Windows Live support.
    Complete the security check below to finish leaving your comment.
    The characters you type in the security check must match the characters in the picture or audio.

    To add a comment, sign in with your Windows Live ID (if you use Hotmail, Messenger, or Xbox LIVE, you have a Windows Live ID). Sign in


    Don't have a Windows Live ID? Sign up

    Trackbacks

    The trackback URL for this entry is:
    http://cid-59c5803fddd2ed53.spaces.live.com/blog/cns!59C5803FDDD2ED53!41392.trak
    Weblogs that reference this entry
    • None