Websites with emSign root certificates shown as 'not trusted in Apple and Android' while it is trusted

ssllabs / ssllabs-scan

A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.

https://www.ssllabs.com/projects/ssllabs-apis/

Apache License 2.0

1.7k stars 242 forks source link

Websites with emSign root certificates shown as 'not trusted in Apple and Android' while it is trusted #922

Open vijaykoppa opened 1 year ago

vijaykoppa commented 1 year ago

SSL Labs scan report shows "This server's certificate is not trusted by Apple, Android and Java trust store" for the TLS Certificates issued under eMudhra emSign root. (example website: emudhra.com)

However, these roots are trusted in Android (v10 / Sep 2019 onwards) as well Apple (v15 / Sep 2021 onwards).

Kindly have these roots marked as trusted in SSLLabs scan report.

Note: It is not yet trusted in Java

naumanshah03 commented 1 year ago

Hi @vijaykoppa

On www.ssllabs.com, we are using old version of trust stores hence this issue. You can try on dev.ssllabs.com for the latest version of trust stores