[tor-talk] "Invalid Server Certificate" accessing torproject.org on Chrome/Windows
Greg
Greg at alumni.brown.edu
Thu Jan 5 04:18:12 UTC 2012
Hi Andrew,
Thank you for taking a stab at this issue! I just tried this now, and
it still doesn't work. I don't remember precisely what the chain
looked, so I can't be sure I'm seeing anything different at all. I
restarted Chrome (but not Windows). Both www.torproject.org and
trac.torproject.org show the same error.
The chain that I see now is:
*.torproject.org --> DigiCert High Assurance CA-3 --> DigiCert
(i've attached a screen shot of this.)
Thanks,
Greg
2012/1/4 Andrew Lewman <andrew at torproject.org>:
> I think this is fixed for www.torproject.org now. Digicert apparently
> updated their ca chained certs at some point. I've put the updated
> ca-certs on the www servers. If this works, we can update them on all
> torproject servers.
>
> And for fun, I've attached the gnutls-cli output of the old cert in
> place and the new cert in place.
>
> tl;dr we went from:
> our cert -> DigiCert High Assurance CA-3
>
> to now:
> cert -> DigiCert High Assurance CA-3 -> DigiCert High Assurance EV Root
> CA
>
> I couldn't replicate the problem in Chromium, FF9, nor whatever version
> of android i have on an obsolete phone.
>
> --
> Andrew
> http://tpo.is/contact
> pgp 0x74ED336B
>
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
More information about the tor-talk
mailing list