1492430 - SSL certificate problem for www.seamonkey-project.org

Status: RESOLVED FIXED

(SeaMonkey :: Website, defect)

Description

[Tristan Miller]

As of a few days ago, HTTPS connections to www.seamonkey-project.org throw an SSL certificate error.  Example:

$ wget https://www.seamonkey-project.org
--2018-09-19 13:35:11--  https://www.seamonkey-project.org/
Resolving www.seamonkey-project.org (www.seamonkey-project.org)... 52.179.195.254
Connecting to www.seamonkey-project.org (www.seamonkey-project.org)|52.179.195.254|:443... connected.
WARNING: cannot verify www.seamonkey-project.org's certificate, issued by ‘CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US’:
  Unable to locally verify the issuer's authority.

Some clients will download the requested resource anyway but others will refuse.  (For example, my RSS reader now refuses to fetch new article from the SeaMonkey Project Blog at <https://www.seamonkey-project.org/news-atom>.)

The problem seems to be specific to the www subdomain.  The blog subdomain has no such SSL problem.

Possibly related to Bug 1204330, though I think the error message for that issue is different.

Comment 1

[Ian Neal]

According to SSL Shopper:
The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following DigiCert's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.
https://www.sslshopper.com/ssl-checker.html#hostname=https://www.seamonkey-project.org/

Comment 2

[Frank-Rainer Grahl (:frg)]

Yes seems to be the intermediate certificate:
https://www.ssllabs.com/ssltest/analyze.html?d=www.seamonkey-project.org

Comment 3

[Edmund Wong (:ewong)]

Fixed.  Did a scan myself and it seems to be ok.