[tor-talk] "Invalid Server Certificate" accessing torproject.org on Chrome/Windows
Andrew Lewman
andrew at torproject.org
Thu Jan 5 02:51:47 UTC 2012
I think this is fixed for www.torproject.org now. Digicert apparently
updated their ca chained certs at some point. I've put the updated
ca-certs on the www servers. If this works, we can update them on all
torproject servers.
And for fun, I've attached the gnutls-cli output of the old cert in
place and the new cert in place.
tl;dr we went from:
our cert -> DigiCert High Assurance CA-3
to now:
cert -> DigiCert High Assurance CA-3 -> DigiCert High Assurance EV Root
CA
I couldn't replicate the problem in Chromium, FF9, nor whatever version
of android i have on an obsolete phone.
--
Andrew
http://tpo.is/contact
pgp 0x74ED336B
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 2012-01-04-new-digicert-ca.txt
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20120104/2cca332e/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 2012-01-04-old-digicert-ca.txt
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20120104/2cca332e/attachment-0001.txt>
More information about the tor-talk
mailing list