Windy Community
    • Unread
    • Categories
    • Groups
    • Go to windy.com
    • Register
    • Login

    Certificate error accessing site due to expired cert in trust chain

    Bug Reports
    3
    8
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      brian.voller
      last edited by

      Our staff are experincing issues accessing https://windy.com due to an expired certificate in the trust chain which is not playing well with Fortigate firewalls in certain configurations. This prevents staff from accessing the site at all with the following error

      5c8f2144-47f6-4237-b585-e1f64204bcfb-image.png

      This is because the windy.com R3 certificate has a expired cert in its trust chain

      12e07bbb-1fdd-449a-b4da-655a47d05a9b-image.png - https://www.ssllabs.com/ssltest/analyze.html?d=www.windy.com&s=143.204.128.52

      The Fortigate issue is documented here - https://www.fortinet.com/blog/psirt-blogs/fortinet-and-expiring-lets-encrypt-certificates

      and the expected certificate expiry is documented here - https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

      The ultimate fix is for the windy.com certificate to be renewed without the expired cert in the trust chain. Can this please be arranged?

      KorinaK 1 Reply Last reply Reply Quote 0
      • KorinaK
        Korina @brian.voller
        last edited by

        @brian-voller Hello, please see the related post.

        We have stopped supporting certificates for older browsers, more information here. You will need to upgrade your browser.

        Korina

        1 Reply Last reply Reply Quote 0
        • B
          brian.voller
          last edited by

          This issue IS occurring in modern browsers
          e.g.
          Chrome 94.0.4606.71
          Edge 94.0.992.38

          KorinaK 1 Reply Last reply Reply Quote 0
          • KorinaK
            Korina @brian.voller
            last edited by

            @brian-voller Hello, did you clear your cache please?

            Korina

            B 1 Reply Last reply Reply Quote 0
            • B
              brian.voller @Korina
              last edited by

              @korina Yes. The issue for us is that windy.com is using a certificate with an EXPIRED certificate in its trust chain as shown above.

              KorinaK 1 Reply Last reply Reply Quote 0
              • KorinaK
                Korina @brian.voller
                last edited by

                @brian-voller Hello, as I mentioned, we stopped supporting old root certificates on older browsers - https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

                We can recommend to use updated OS. Or if you still have issues, use the latest Mozilla browser 93.0., where you should not have any problems, since Mozilla downloads certificates on its own and does not rely on OS.

                Korina

                M 1 Reply Last reply Reply Quote 0
                • M
                  meteo2021 @Korina
                  last edited by

                  @korina Okay, is the latest version of Google Chrome Version 95.0.4638.54 (Official Build) (64-bit) an older browser and is there a possibility to access it through this browser?

                  KorinaK 1 Reply Last reply Reply Quote 0
                  • KorinaK
                    Korina @meteo2021
                    last edited by

                    @meteo2021 Hello, you may have a problem if you have an older operating system (Windows < XP SP3 or macOS < 10.12.1). Did you try the Mozilla browser 93.0.?

                    Korina

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Windyty, S.E. - all rights reserved. Powered by excellent NodeBB
                    NodeBB & contributors, OSM & contributors, HERE maps
                    Terms of Use     Privacy Policy