[158725] in North American Network Operators' Group
Re: SSL on Juniper.net
daemon@ATHENA.MIT.EDU (Alex Brooks)
Fri Dec 7 10:47:22 2012
In-Reply-To: <20121207152854.GA60697@e-fensive.net>
From: Alex Brooks <askoorb+nanog@gmail.com>
Date: Fri, 7 Dec 2012 15:46:31 +0000
To: "J. Oquendo" <joquendo@e-fensive.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi,
On Fri, Dec 7, 2012 at 3:28 PM, J. Oquendo <joquendo@e-fensive.net> wrote:
>
>
> Yes, semi off/on topic I am aware, but because there are
> many here who visit the site, figured I'd ask. Anyone else
> having certificate issues on Juniper.net && their support
> login? This just started today.
>
> www.juniper.net is pushing an Akamai cert, support.j* is
> pushing a Comodo cert.
>
When having to diagnose HTTPS problems, I've found the automated tests
from Qualys SSL Labs to be a handy first step to save time. In this
instance it appears that www.juniper.net is a standard Akamai setup
(nothing special there, fairly OKish), but somebody has put the wrong
certificate at support.juniper.net (the certificate presented there is
for ipv6.juniper.net, origin-www.juniper.net and www.juniper.net
only).
https://sslcheck.globalsign.com/en_GB/sslcheck?host=www.juniper.net and
https://sslcheck.globalsign.com/en_GB/sslcheck?host=support.juniper.net
if anyone wants to have a look
Alex
