[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] "Invalid Server Certificate" accessing torproject.org on Chrome/Windows
Thank you for taking a stab at this issue! I just tried this now, and
it still doesn't work. I don't remember precisely what the chain
looked, so I can't be sure I'm seeing anything different at all. I
restarted Chrome (but not Windows). Both www.torproject.org and
trac.torproject.org show the same error.
The chain that I see now is:
*.torproject.org --> DigiCert High Assurance CA-3 --> DigiCert
(i've attached a screen shot of this.)
2012/1/4 Andrew Lewman <andrew@xxxxxxxxxxxxxx>:
> I think this is fixed for www.torproject.org now. Digicert apparently
> updated their ca chained certs at some point. I've put the updated
> ca-certs on the www servers. If this works, we can update them on all
> torproject servers.
> And for fun, I've attached the gnutls-cli output of the old cert in
> place and the new cert in place.
> tl;dr we went from:
> our cert -> DigiCert High Assurance CA-3
> to now:
> cert -> DigiCert High Assurance CA-3 -> DigiCert High Assurance EV Root
> I couldn't replicate the problem in Chromium, FF9, nor whatever version
> of android i have on an obsolete phone.
> pgp 0x74ED336B
> tor-talk mailing list
tor-talk mailing list