[179077] in North American Network Operators' Group
FIXED - Re: Broken SSL cert caused by router?
daemon@ATHENA.MIT.EDU (Mike)
Fri Mar 27 11:35:51 2015
X-Original-To: nanog@nanog.org
Date: Fri, 27 Mar 2015 08:35:45 -0700
From: Mike <mike-nanog@tiedyenetworks.com>
CC: nanog@nanog.org
In-Reply-To: <37237.77.1427428575578.JavaMail.mtlewis@T410I>
Errors-To: nanog-bounces@nanog.org
I'd like to thank everyone for their kind responses. One person who
responded off list and bothered to look at the returned certificates
pointed out, and correctly it seems, that my original setup was missing
an intermediate certificate. The site was returning 'valid ssl' and all
browsers got the green lock and offsite ssl tests came back ok, but
apparently the missing intermediate means it would have had to have been
fetched and that was the part that was failing at the customer site.
Once I put the intermediate certificate in there, the customer site was
able to access https without fail. I have not had an opportunity yet to
examine in detail the config of the meraki router there but it's either
a routing problem or a DPI problem. If I get an answer I'll post again
with my results.
Thanks all.
Mike-
