http://bugs.winehq.org/show_bug.cgi?id=17783
--- Comment #9 from Paul "TBBle" Hampson Paul.Hampson@Pobox.com 2009-04-18 11:17:10 --- I've just confirmed (using openssl s_client -connect steamcommunity.com:443 -showcerts) that steamcommunity.com is not including the necessary intermediate certificates, so this is not a Wine problem per se.
I've confirmed that the link I gave before is the correct pair of certificates for users to install to get this fixed on their end. The second one (Secondary EV SSL Intermediate CA Certificate) is the issuer of the steamcommunity.com certificate, and the first one (Primary EV SSL Intermediate CA Certificate) is the issuer of the second one. The first one is signed by "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority" which should already be in your trusted certificates list.
I can't post on the Staem forums or the Steam support system (no idea why) so if someone wants to report this to them via either method, that'd be great.
Their server admins should install the bundle at http://www.verisign.com/support/verisign-intermediate-ca/extended-validation... which is the above two certificates combined into one file for use on an Apache server.