[179078] in North American Network Operators' Group
Re: FIXED - Re: Broken SSL cert caused by router?
daemon@ATHENA.MIT.EDU (Josh Luthman)
Fri Mar 27 11:44:14 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <551578D1.8080903@tiedyenetworks.com>
From: Josh Luthman <josh@imaginenetworksllc.com>
Date: Fri, 27 Mar 2015 11:43:50 -0400
To: Mike <mike-nanog@tiedyenetworks.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
FFR you can use this to verify the site itself is good or not:
https://www.sslshopper.com/ssl-checker.html (there are others, this is just
what I have bookmarked)
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Fri, Mar 27, 2015 at 11:35 AM, Mike <mike-nanog@tiedyenetworks.com>
wrote:
>
> I'd like to thank everyone for their kind responses. One person who
> responded off list and bothered to look at the returned certificates
> pointed out, and correctly it seems, that my original setup was missing an
> intermediate certificate. The site was returning 'valid ssl' and all
> browsers got the green lock and offsite ssl tests came back ok, but
> apparently the missing intermediate means it would have had to have been
> fetched and that was the part that was failing at the customer site. Once I
> put the intermediate certificate in there, the customer site was able to
> access https without fail. I have not had an opportunity yet to examine in
> detail the config of the meraki router there but it's either a routing
> problem or a DPI problem. If I get an answer I'll post again with my
> results.
>
> Thanks all.
>
> Mike-
>
>
