FirstTech Fed ValidatorException: No trusted certificate found

salinasv's Avatar

salinasv

24 Nov, 2018 08:07 PM

Hi all, I'm having an SSL validation error while trying to connect to FirsTech online banking. I talked with them and they said that they had a problem few days ago with certificates but that should be solved now. I tried again and see the same error, I think the problem is now on Moneydance side. I believe Moneydance is not shipping the root CA for this certificate (GlobalSign).

This is why I believe the problem is on moneydance:

  • If I use the browser to get in https://ofx.firsttechfed.com, firefox validates the certificate successfully. So, the cert is OK.

  • I did not found the root certificate on moneydance bundle: jar -tf /usr/share/java/moneydance/moneydance.jar | grep certs doesn't show anything for GlobalSign

  • It is possible that the new cert they added few days ago replaced a cert with a different root CA.

Now, I have two questions:
Could you validate my assumptions?
How can I manually add a cert to moneydance bundle (taken from mozilla's kit), to workaround this issue while you release a new version with the new CA added?

Detailed info:
The error I'm getting is this:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

Cert info from console:

connecting to: https://ofx.firsttechfed.com with method: POST
Connecting to ofx.firsttechfed.com
acceptable protocols:  TLSv1  TLSv1.1  TLSv1.2
Saving certificate: 0
    subject: CN=incapsula.com, O=Incapsula Inc, L=Dover, ST=Delaware, C=US
     issuer: CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE
  not after: Mon Jun 10 02:40:37 PDT 2019
 not before: Sat Jun 09 02:40:37 PDT 2018
   filename: unknown_cert_0.der
Saving file to /home/$USER/unknown_cert_0.der
Saving certificate: 1
    subject: CN=GlobalSign CloudSSL CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE
     issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
  not after: Mon Aug 18 17:00:00 PDT 2025
 not before: Tue Aug 18 17:00:00 PDT 2015
   filename: unknown_cert_1.der
Saving file to /home/$USER/unknown_cert_1.der
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! Warning: encountered untrusted cert - will save it !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  1. 1 Posted by Bonnie on 29 Nov, 2018 05:07 PM

    Bonnie's Avatar

    Thanks for posting this here and doing all that legwork. I am also a First Tech and Moneydance user, and I'm having the same problem, same error message. Looking forward to seeing the response to this.

  2. 2 Posted by dwg on 29 Nov, 2018 07:38 PM

    dwg's Avatar
  3. 3 Posted by Bonnie Thompson on 29 Nov, 2018 11:21 PM

    Bonnie Thompson's Avatar

    Thanks, dwg!

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac