Comment 1 for bug 1014640

I found a fix:
copy Verisign_Class_3_Public_Primary_Certification_Authority.crt from a lucid/10.04 system (in /usr/share/ca-certificates/mozilla)

Sounds a bit whacky, but invalid certs have been delivered with 12.04?

I did a diff, the changes between 10.04 and 12.04 in that directory for verisign are:
New:
VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt
VeriSign_Universal_Root_Certification_Authority.crt

Changed:
Verisign_Class_1_Public_Primary_Certification_Authority.crt
Verisign_Class_3_Public_Primary_Certification_Authority.crt