Closed Bug 782228 Opened 13 years ago Closed 13 years ago

blog.mozilla.org uses an invalid security certificate

Categories

(Infrastructure & Operations Graveyard :: WebOps: Other, task)

Product:
Infrastructure & Operations Graveyard
Component:
WebOps: Other
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: rik, Unassigned)

References

(
URL
)

Details

Quoting Firefox: "blog.mozilla.org uses an invalid security certificate. The certificate is only valid for blog.mozilla.com (Error code: ssl_error_bad_cert_domain)"
:rik i am seeing a proper cert+chain for blog.mozilla.org. can you run the same `openssl` command i note below and comment on your results? * the 'verify error:num=20...' is expected $ openssl s_client -showcerts -connect blog.mozilla.org:443 CONNECTED(00000003) depth=1 /C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/serialNumber=PJYd6s/lzd2zfglc6EAG5C/hVZfSySVY/C=US/ST=California/L=Mountain View/O=Mozilla Corporation/OU=IT/CN=blog.mozilla.com i:/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA -----BEGIN CERTIFICATE----- MIIEjTCCA3WgAwIBAgIDAWtHMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM IENBMB4XDTEyMDUxNTE2NTE0MloXDTE0MDUxNzIxMzk0NFowgasxKTAnBgNVBAUT IFBKWWQ2cy9semQyemZnbGM2RUFHNUMvaFZaZlN5U1ZZMQswCQYDVQQGEwJVUzET MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEcMBoG A1UEChMTTW96aWxsYSBDb3Jwb3JhdGlvbjELMAkGA1UECxMCSVQxGTAXBgNVBAMT EGJsb2cubW96aWxsYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCSlnxnaG3Pb0PnExrQmo/exYjH5C0XkLw+b8jtZ5saS798LZW42ZHNfFbDA42J C0UeF2zmKp8zr9egfZfDOEi90CM5h931/K5QJM2/de2rY7k0g3qqH/rWX75tV6Hm VZTB610pIuRJw/UsgwK3skwY8dJdVP1oWees74mF/oLfZL5cNJ1yu5hNYoQm3lGR suj1dlYez6Wb023FYm2Np18u9dv2SD1mDCIgnZhM0IwCOm4kT6V0g2dQwkXJ5l27 lqXYvLnYGO4tqpx6IixC39jHNrVeSZ3Hoy6aEXAW58IRY9wtCHscr2Yirw1jOkYx JGtAC8qNm36JQUDzEp7GyNpzAgMBAAGjggEiMIIBHjAfBgNVHSMEGDAWgBRCeVQb Yc1VKz5j1TxIV/Wf+0XOSjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMBsGA1UdEQQUMBKCEGJsb2cubW96aWxsYS5jb20wPQYD VR0fBDYwNDAyoDCgLoYsaHR0cDovL2d0c3NsLWNybC5nZW90cnVzdC5jb20vY3Js cy9ndHNzbC5jcmwwHQYDVR0OBBYEFK73yJ17plgME5zBr3tOrv8x4TlEMAwGA1Ud EwEB/wQCMAAwQwYIKwYBBQUHAQEENzA1MDMGCCsGAQUFBzAChidodHRwOi8vZ3Rz c2wtYWlhLmdlb3RydXN0LmNvbS9ndHNzbC5jcnQwDQYJKoZIhvcNAQEFBQADggEB AAoCvpclZ5W4etjRAahgR3GVezfAi8E6MSHYZdSiYFdmX2/GwA+itzLwofNJEA72 4gdxKrRGI9ofev1T59Z7AxIi4/MIzdj8e128WAANDT0uNZTgZABmPVMysky0ty94 sSIj8lzMwVypkvYLc5T5i5t0LmxDjeBEI1Zruhtkb/s6nWWW42JhKm0jQzEj+WgU h12RcX0ag2r3rhiUBKfvcgECXqtnS8r7z7Z3i0YWnNErXW/SqtWdLemCkTeiqfZv 1QgQz/zXrjx7pBtdIpc60vZtC7Rl0IhXiZqf5Pe2dYpoXK2SlYKfTUd5inwy2F1G YJNjqm1UhqkoZpjmjgdT+xo= -----END CERTIFICATE----- 1 s:/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA -----BEGIN CERTIFICATE----- MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTAwMjE5MjIzOTI2WhcNMjAwMjE4MjIzOTI2WjBAMQswCQYDVQQG EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xGDAWBgNVBAMTD0dlb1RydXN0 IFNTTCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJCzgMHk5Uat cGA9uuUU3Z6KXot1WubKbUGlI+g5hSZ6p1V3mkihkn46HhrxJ6ujTDnMyz1Hr4Gu FmpcN+9FQf37mpc8oEOdxt8XIdGKolbCA0mEEoE+yQpUYGa5jFTk+eb5lPHgX3UR 8im55IaisYmtph6DKWOy8FQchQt65+EuDa+kvc3nsVrXjAVaDktzKIt1XTTYdwvh dGLicTBi2LyKBeUxY0pUiWozeKdOVSQdl+8a5BLGDzAYtDRN4dgjOyFbLTAZJQ50 96QhS6CkIMlszZhWwPKoXz4mdaAN+DaIiixafWcwqQ/RmXAueOFRJq9VeiS+jDkN d53eAsMMvR8CAwEAAaOB2TCB1jAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFEJ5 VBthzVUrPmPVPEhX9Z/7Rc5KMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4 ysxOMBIGA1UdEwEB/wQIMAYBAf8CAQAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDov L2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwNAYIKwYBBQUHAQEE KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nZW90cnVzdC5jb20wDQYJKoZI hvcNAQEFBQADggEBANTvU4ToGr2hiwTAqfVfoRB4RV2yV2pOJMtlTjGXkZrUJPji J2ZwMZzBYlQG55cdOprApClICq8kx6jEmlTBfEx4TCtoLF0XplR4TEbigMMfOHES 0tdT41SFULgCy+5jOvhWiU1Vuy7AyBh3hjELC3DwfjWDpCoTZFZnNF0WX3OsewYk 2k9QbSqr0E1TQcKOu3EDSSmGGM8hQkx0YlEVxW+o78Qn5Rsz3VqI138S0adhJR/V 4NwdzxoQ2KDLX4z6DOW/cf/lXUQdpj6HR/oaToODEj+IZpWYeZqF6wJHzSXj8gYE TpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ= -----END CERTIFICATE----- --- Server certificate subject=/serialNumber=PJYd6s/lzd2zfglc6EAG5C/hVZfSySVY/C=US/ST=California/L=Mountain View/O=Mozilla Corporation/OU=IT/CN=blog.mozilla.com issuer=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA --- No client certificate CA names sent --- SSL handshake has read 2318 bytes and written 444 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: B0EDE6C81028DC75F4CAC1FD5686E74DD820CB2320965A5324FA7D5724B1B099 Session-ID-ctx: Master-Key: 9351B415768D02450677FE6D35823E41859F49F716DE794E5481C148FB40777A637B6D5927D5AB75B80D2C9EE015F18B Key-Arg : None Start Time: 1344853439 Timeout : 300 (sec) Verify return code: 0 (ok) ---
CONNECTED(00000003) depth=1 /C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/serialNumber=PJYd6s/lzd2zfglc6EAG5C/hVZfSySVY/C=US/ST=California/L=Mountain View/O=Mozilla Corporation/OU=IT/CN=blog.mozilla.com i:/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA -----BEGIN CERTIFICATE----- MIIEjTCCA3WgAwIBAgIDAWtHMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM IENBMB4XDTEyMDUxNTE2NTE0MloXDTE0MDUxNzIxMzk0NFowgasxKTAnBgNVBAUT IFBKWWQ2cy9semQyemZnbGM2RUFHNUMvaFZaZlN5U1ZZMQswCQYDVQQGEwJVUzET MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEcMBoG A1UEChMTTW96aWxsYSBDb3Jwb3JhdGlvbjELMAkGA1UECxMCSVQxGTAXBgNVBAMT EGJsb2cubW96aWxsYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCSlnxnaG3Pb0PnExrQmo/exYjH5C0XkLw+b8jtZ5saS798LZW42ZHNfFbDA42J C0UeF2zmKp8zr9egfZfDOEi90CM5h931/K5QJM2/de2rY7k0g3qqH/rWX75tV6Hm VZTB610pIuRJw/UsgwK3skwY8dJdVP1oWees74mF/oLfZL5cNJ1yu5hNYoQm3lGR suj1dlYez6Wb023FYm2Np18u9dv2SD1mDCIgnZhM0IwCOm4kT6V0g2dQwkXJ5l27 lqXYvLnYGO4tqpx6IixC39jHNrVeSZ3Hoy6aEXAW58IRY9wtCHscr2Yirw1jOkYx JGtAC8qNm36JQUDzEp7GyNpzAgMBAAGjggEiMIIBHjAfBgNVHSMEGDAWgBRCeVQb Yc1VKz5j1TxIV/Wf+0XOSjAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMBsGA1UdEQQUMBKCEGJsb2cubW96aWxsYS5jb20wPQYD VR0fBDYwNDAyoDCgLoYsaHR0cDovL2d0c3NsLWNybC5nZW90cnVzdC5jb20vY3Js cy9ndHNzbC5jcmwwHQYDVR0OBBYEFK73yJ17plgME5zBr3tOrv8x4TlEMAwGA1Ud EwEB/wQCMAAwQwYIKwYBBQUHAQEENzA1MDMGCCsGAQUFBzAChidodHRwOi8vZ3Rz c2wtYWlhLmdlb3RydXN0LmNvbS9ndHNzbC5jcnQwDQYJKoZIhvcNAQEFBQADggEB AAoCvpclZ5W4etjRAahgR3GVezfAi8E6MSHYZdSiYFdmX2/GwA+itzLwofNJEA72 4gdxKrRGI9ofev1T59Z7AxIi4/MIzdj8e128WAANDT0uNZTgZABmPVMysky0ty94 sSIj8lzMwVypkvYLc5T5i5t0LmxDjeBEI1Zruhtkb/s6nWWW42JhKm0jQzEj+WgU h12RcX0ag2r3rhiUBKfvcgECXqtnS8r7z7Z3i0YWnNErXW/SqtWdLemCkTeiqfZv 1QgQz/zXrjx7pBtdIpc60vZtC7Rl0IhXiZqf5Pe2dYpoXK2SlYKfTUd5inwy2F1G YJNjqm1UhqkoZpjmjgdT+xo= -----END CERTIFICATE----- 1 s:/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA -----BEGIN CERTIFICATE----- MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTAwMjE5MjIzOTI2WhcNMjAwMjE4MjIzOTI2WjBAMQswCQYDVQQG EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xGDAWBgNVBAMTD0dlb1RydXN0 IFNTTCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJCzgMHk5Uat cGA9uuUU3Z6KXot1WubKbUGlI+g5hSZ6p1V3mkihkn46HhrxJ6ujTDnMyz1Hr4Gu FmpcN+9FQf37mpc8oEOdxt8XIdGKolbCA0mEEoE+yQpUYGa5jFTk+eb5lPHgX3UR 8im55IaisYmtph6DKWOy8FQchQt65+EuDa+kvc3nsVrXjAVaDktzKIt1XTTYdwvh dGLicTBi2LyKBeUxY0pUiWozeKdOVSQdl+8a5BLGDzAYtDRN4dgjOyFbLTAZJQ50 96QhS6CkIMlszZhWwPKoXz4mdaAN+DaIiixafWcwqQ/RmXAueOFRJq9VeiS+jDkN d53eAsMMvR8CAwEAAaOB2TCB1jAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFEJ5 VBthzVUrPmPVPEhX9Z/7Rc5KMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4 ysxOMBIGA1UdEwEB/wQIMAYBAf8CAQAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDov L2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwNAYIKwYBBQUHAQEE KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nZW90cnVzdC5jb20wDQYJKoZI hvcNAQEFBQADggEBANTvU4ToGr2hiwTAqfVfoRB4RV2yV2pOJMtlTjGXkZrUJPji J2ZwMZzBYlQG55cdOprApClICq8kx6jEmlTBfEx4TCtoLF0XplR4TEbigMMfOHES 0tdT41SFULgCy+5jOvhWiU1Vuy7AyBh3hjELC3DwfjWDpCoTZFZnNF0WX3OsewYk 2k9QbSqr0E1TQcKOu3EDSSmGGM8hQkx0YlEVxW+o78Qn5Rsz3VqI138S0adhJR/V 4NwdzxoQ2KDLX4z6DOW/cf/lXUQdpj6HR/oaToODEj+IZpWYeZqF6wJHzSXj8gYE TpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ= -----END CERTIFICATE----- --- Server certificate subject=/serialNumber=PJYd6s/lzd2zfglc6EAG5C/hVZfSySVY/C=US/ST=California/L=Mountain View/O=Mozilla Corporation/OU=IT/CN=blog.mozilla.com issuer=/C=US/O=GeoTrust, Inc./CN=GeoTrust SSL CA --- No client certificate CA names sent --- SSL handshake has read 2318 bytes and written 444 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: D8B6C68936D531795567F4DB03D93A1C357FD3270D309C8D47FD26F631F8C363 Session-ID-ctx: Master-Key: 00AB14B8B62CE507846C0439283BF7EA9FB7806A2E6379B2AC80D744995760391C88F3B6B9DDED475E76D185F44C3560 Key-Arg : None Start Time: 1344854107 Timeout : 300 (sec) Verify return code: 0 (ok) --- read:errno=0
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WORKSFORME
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.