Impact: This advisory may affect a production ISIS application running on older apache and/or custom web servers.

The following bulletin was posted on the isisdev-l list on 9/11/2006.

Hi all,

It has just come to my attention that even though we obtained the new SSL certificate for ISIS 5 from the same vendor (Equifax/GeoTrust), GeoTrust issued the certificate using a different CA.

This may cause connection problems if you are running older versions of Apache or a custom compiled web server. Older web servers may not have the correct root CA installed in its trusted CA store.

If you are experiencing connection problems involving SSL handshake/certificate trust, please follow the instruction at:

Equifax CA Certificate Installation Instruction

to download and install the correct CA cert on your web server.

albert wu
UCLA AIS