Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Origin SSL check fails with the NEW Letsencrypt Issuer

0

Certificates on the origin from Letsencrypt worked fine for years now.
Yesterday one of the ssl certificate of a websites got renewed successfully.

But now cloudfront makes a 503 error only for this website (one of many)
other website with an older certifacte from letsencrypt still working fine.

The only difference is that LetsEncrypt now signes with a new issuer
Old issuers was: "Let's Encrypt Authority X3"
New issuer is: "R3"

Issuer Certifactes
https://letsencrypt.org/certificates/

There are two Intermediate certifiactes,
this one make the issue:
https://crt.sh/?id=3479778542

Issuer Statement:
https://letsencrypt.org/documents/isrg-cps-v3.0/

It seams that cloudfront dont trust the certifactes from the new letsencrypt issuer "R3"

Edited by: Zetanova on Dec 5, 2020 9:00 AM

Temas
Redes y entrega de contenido
Etiquetas
Amazon CloudFront
Idioma
English
Zetanova
preguntada hace 3 años264 visualizaciones
1 Respuesta
0

My hosting system virtualmin only renewed the certificate but not the Intermediate certificate.

After updating the Intermediate certificate manually it is working again

Zetanova
respondido hace 3 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante