[ale] Suntrust.com - Live Solid, Bank Solid... Just not securely without a warning :)

Jeremy T. Bouse jeremy.bouse at undergrid.net
Sat Aug 18 22:11:04 EDT 2012


	So I have a business checking account with Suntrust... I was elated and
pleasantly surprised when I go to log into my account and every single
secure certificate presents me with a failure in Firefox and have to put
in exceptions. Looking into it shows that SunTrust enjoys using GeoTrust
SSL certificates but their IT department is unable to successfully
install them along with the proper GeoTrust SSL Intermediate CA certificate.

	I'm not sure which incompetence scares me more... That a large bank's
IT department is unable to do such a simple step as install an
intermediate CA certificate when they install their server certificates
or the fact that browsers like Google Chrome and IE happily except this
certificate and state it's all valid without actually validating the
certificate chain.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 294 bytes
Desc: OpenPGP digital signature
Url : http://mail.ale.org/pipermail/ale/attachments/20120818/84fb4cf0/attachment.bin 


More information about the Ale mailing list