Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Origin SSL check fails with the NEW Letsencrypt Issuer

0

Certificates on the origin from Letsencrypt worked fine for years now.
Yesterday one of the ssl certificate of a websites got renewed successfully.

But now cloudfront makes a 503 error only for this website (one of many)
other website with an older certifacte from letsencrypt still working fine.

The only difference is that LetsEncrypt now signes with a new issuer
Old issuers was: "Let's Encrypt Authority X3"
New issuer is: "R3"

Issuer Certifactes
https://letsencrypt.org/certificates/

There are two Intermediate certifiactes,
this one make the issue:
https://crt.sh/?id=3479778542

Issuer Statement:
https://letsencrypt.org/documents/isrg-cps-v3.0/

It seams that cloudfront dont trust the certifactes from the new letsencrypt issuer "R3"

Edited by: Zetanova on Dec 5, 2020 9:00 AM

Themen
Vernetzung & Bereitstellung von Inhalten
Tags
Amazon CloudFront
Sprache
English
Zetanova
gefragt vor 3 Jahren264 Aufrufe
1 Antwort
0

My hosting system virtualmin only renewed the certificate but not the Intermediate certificate.

After updating the Intermediate certificate manually it is working again

Zetanova
beantwortet vor 3 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt