Issue: Revoked SSL certificate

Issue Tools
- View Changes

January 5, 2022 2:15 PM

Alfa1

Distinguished Member

Revoked SSL certificate

On some devices I cannot reach vaultwiki.org
I am getting errors that your certificate is revoked.

Issue Details

Issue Number 6290

Issue Type Bug

Project Site Issues

Category Unknown

Status Fixed

Priority 1 - Highest

Users able to reproduce bug 0

Users unable to reproduce bug 0

Attachments 0

Assigned Users (none)

Tags (none)

January 5, 2022 5:57 PM

pegasus

VaultWiki Team

That is strange. It is still valid until February 4.

Reply
January 5, 2022 11:11 PM

pegasus

VaultWiki Team

Apparently Namecheap / Sectigo have the following crazy policy when it comes to SSL renewals:
- If there is a discrepancy between the renewal and the original (in our case we provided www.vaultwiki.org vs vaultwiki.org in a different order), then revoke the live SSL certificate until the renewal completes.
- Do this without any obvious user-facing error message like "You have entered information differently than your previous renewal. If you proceed, your live certificate will be revoked. Are you sure you want to do this?"
- Do not contact the admin after the fact to tell them that their certificate was revoked so that they could fix the data they entered. Instead let them wonder if they have been hacked or accused of criminal activity.

We have implemented a lower tier SSL certificate until the renewal goes though. Of course this temporary change will cause all copies of VaultWiki to show failed new-version lookups in the AdminCP.

Reply

+ Reply

All times are GMT -4. The time now is 7:59 PM.

This site uses cookies to help personalize content, to tailor your experience, and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Learn more… Accept Remind me later

Welcome to VaultWiki.org, home of the wiki add-on for vBulletin and XenForo!

Issue: Revoked SSL certificate

Issue Tools