1444687 - jsbin broken in Nightly due to SEC_ERROR_UNKNOWN_ISSUER of subdomain static.jsbin.com

Status: RESOLVED FIXED

(Firefox :: Security, defect)

Description

[Albert Scheiner [:alberts]]

I have seen a lot of https pages throwing cert errors in the last few days. Apparently it hit jsbin.com, which loads, but looks rather broken, due to jQuery on a subdomain failing.

When trying to connect to https://static.jsbin.com/js/vendor/jquery-1.11.0.min.js I got "SEC_ERROR_UNKNOWN_ISSUER", after reloading it changed to "MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED".

Do you want me to report all sites with this error (which actually should work), or are they all for "Advocacy" due to misconfigured server?

Comment 1

[Albert Scheiner [:alberts]]

Attachment: css and js files failing to load

add screenshot of CSS and JS files failing to load

Comment 2

[Albert Scheiner [:alberts]]

FYI, there has also been a ticket raised over at jsbin's Github repo: https://github.com/jsbin/jsbin/issues/3219

Comment 3

[Tom S [:evilpie]]

This site is using a Symantec certificate affected by distrust plan implemented in bug 1434300. This site won't work in future version of Chrome and Firefox.

Comment 4

[Albert Scheiner [:alberts]]

Ah, the Symantec clash. Fair enough. Tom, with a URL like https://static.jsbin.com/ how can I see that the issue is due to Symantec / bug 1434300?

Comment 5

[Tom S [:evilpie]]

SSL Labs: https://www.ssllabs.com/ssltest/analyze.html?d=static.jsbin.com

Comment 6

[Tom S [:evilpie]]

It seems like this site is using Amazon Cloudfront, which would could mean a lot of other pages are affected as well. Somebody should contact Amazon.

Comment 7

[Albert Scheiner [:alberts]]

Closing as per https://github.com/jsbin/jsbin/issues/3219#issuecomment-375568036