unable to verify certs on opencerts.io

[wmclaxton]

From today we are unable to verify certs on opencerts.io which used to verify without incident. The same certs do render and verify on our own verification service (https://verifier.nextid.com/). On opencerts.io we encounter this error message.

Connection timeout on renderer
Please contact the administrator of https://cert-renderer.nextid.com/

And this is reported in the browser console.

Refused to frame 'https://cert-renderer.nextid.com/' because it violates the following Content Security Policy directive: "frame-src https://legacy.opencerts.io/ https://demo-renderer.opencerts.io/ https://*.[gov.sg/](http://gov.sg/) https://*.[openattestation.com/](http://openattestation.com/) https://www.google.com/ https://govtech-decentralized-renderer.netlify.app/ https://ddycrb75ekcfz.cloudfront.net/".

Has something changed on opencerts.io? Here is a sample certificate (you can download from this viewer page).

[HJunyuan]

Hi @wmclaxton, we're working to get this resolved. Will update you.

[HJunyuan]

@wmclaxton We have just deployed a fix. Please try again, thanks!

[wmclaxton]

Thank you - it works. Could you clarify what happened and how you resolved the issue?

[HJunyuan]

@wmclaxton Apologies for the late response. In late 2023, we migrated to a different hosting provider and accidentally put in place an overly strict CSP header for frame-src. This prevented the iframe from connecting to the renderer which caused the connection timeout issue.