SSL certificate from cloudfront content

(Michael Friedrich) #1


while browsing with dev tools in Chrome opened back here, I recognised a warning like this in the console:

The SSL certificate used to load resources from will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See for more information.

By the end of 2018, this might break meta with Chrome 70. I do see that it is Amazon Cloudfront with a Wildcard certificate issued by Symtantec.

michi@mbmif ~/coding/icinga/icinga2 (master *=) $ openssl s_client -connect
subject=/C=US/ST=Washington/L=Seattle/, Inc./CN=*
issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4

So I am guessing that Amazon will take action soon enough, but who knows :slight_smile:

Kind regards,

(Matt Palmer) #2

Yep, I’m quite confident Amazon will have switched away from the soon-to-be-distrusted Symantec root by the end of the year, given that they’re a CA of their own now.

(Matt Palmer) #3