@korina Yes. The issue for us is that windy.com is using a certificate with an EXPIRED certificate in its trust chain as shown above.
Latest posts made by brian.voller
-
RE: Certificate error accessing site due to expired cert in trust chain
-
RE: Certificate error accessing site due to expired cert in trust chain
This issue IS occurring in modern browsers
e.g.
Chrome 94.0.4606.71
Edge 94.0.992.38 -
Certificate error accessing site due to expired cert in trust chain
Our staff are experincing issues accessing https://windy.com due to an expired certificate in the trust chain which is not playing well with Fortigate firewalls in certain configurations. This prevents staff from accessing the site at all with the following error
This is because the windy.com R3 certificate has a expired cert in its trust chain
- https://www.ssllabs.com/ssltest/analyze.html?d=www.windy.com&s=143.204.128.52
The Fortigate issue is documented here - https://www.fortinet.com/blog/psirt-blogs/fortinet-and-expiring-lets-encrypt-certificates
and the expected certificate expiry is documented here - https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
The ultimate fix is for the windy.com certificate to be renewed without the expired cert in the trust chain. Can this please be arranged?