Closed taplar closed 6 years ago
ABonner
commented
6 years ago In particular, looks related to the CDN that is being used behind the scenes:
The certificate is only valid for the following names: *.ssl.hwcdn.net, ssl.hwcdn.net Error code: SSL_ERROR_BAD_CERT_DOMAIN
dmethvin
commented
6 years ago The provider is investigating.
mleibowitz
commented
6 years ago It looks like this has been resolved.
stefannilsson
commented
6 years ago Looks ok now!
[2018-04-19 22:59:25 CEST] [stefannilsson@XXXX ~]$ curl -v https://code.jquery.com
Thu Apr 19 22:59:27 CEST 2018
* Rebuilt URL to: https://code.jquery.com/
* Trying 69.16.175.42...
* TCP_NODELAY set
* Connected to code.jquery.com (69.16.175.42) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=code.jquery.com
* start date: Apr 11 21:41:10 2018 GMT
* expire date: Jul 10 21:41:10 2018 GMT
*** subjectAltName: host "code.jquery.com" matched cert's "code.jquery.com"**
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: code.jquery.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Thu, 19 Apr 2018 20:59:27 GMT
< Connection: Keep-Alive
< Accept-Ranges: bytes
< ETag: 1523843310
< Cache-Control: max-age=31207743
< Content-Length: 18678
< Content-Type: text/html; charset=UTF-8
< Last-Modified: Mon, 16 Apr 2018 01:48:30 GMT
Our CDN provider also reports this as having been resolved.
kborchers
commented
6 years ago The provider is investigating the cause now and we will report back here when we know more but we should be up and running as usual.
kborchers
commented
6 years ago Below is the outcome of our CDN provider StackPath's investigation into the issue. We are very appreciative of the support and services that StackPath provides to our projects, their quick response in these situations, and their willingness to report back and update systems and processes to avoid future issues.
While processing a support request for the jQuery team, an SSL configuration was inadvertently changed, which resulted in an incorrect SSL certificate returning for asset requests through our CDN. On notification, our team immediately reversed the configuration changes, which restored proper SSL functions.
The StackPath team takes this issue very seriously and apologizes for the inconvenience this caused. We have updated internal support processes to ensure similar issues do not occur in the future. We are also working on feature improvements to automate a SSL change confirmation process to prevent potential future human error.
There appears to be an SSL issue with the code.jquery.com site.
Your connection is not private Attackers might be trying to steal your information from code.jquery.com (for example, passwords, messages, or credit cards). Learn more NET::ERR_CERT_COMMON_NAME_INVALID