I used the SSL Server test on a site (annualcreditreport.com), and the results were F. However, on the recently failed page, it says TRUST. Can you explain why this occurs?
The word "trust" has a specific meaning in PKI, and refers only to the
quality of the certificate. If the certificate is issued by a public CA and
still valid, it will be trusted. When a certificate is trusted that means
that you are in the right place (talking to the organization that owns the
domain name). Now, they may also have bad configuration (which is why we
give them an F), but their certificate is still good.
Retrieving data ...