[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Broken SSL cert caused by router?
- Subject: Broken SSL cert caused by router?
- From: jbfixurpc at gmail.com (Joe)
- Date: Thu, 26 Mar 2015 17:54:44 -0500
- In-reply-to: <[email protected]>
- References: <[email protected]>
You might want to look at some of the documentation on that device.
Looks like it might be doing some proxy stuff.
On Thu, Mar 26, 2015 at 5:38 PM, Mike <mike-nanog at tiedyenetworks.com> wrote:
> I have a very odd problem.
> We've recently gotten a 'real' ssl certificate from godaddy to cover our
> domain (*.domain.com) and have installed it in several places where needed
> for email (imap/starttls and etc) and web. This works great, seems ok
> according to various online TLS certificate checkers, and I get the green
> lock when testing using my own browsers and such.
> I have a customer however that uses our web mail system now secured with
> ssl. I myself and many others use it and get the green lock. But, whenever
> any station at the customer tries using it, they get a broken lock and 'your
> connection is not private'. The actual error displayed below is
> 'cert_authority_invalid' and it's "Go Daddy Secure Certificate Authority -
> G2". And it gets worse - whenever I go to the location and use my own
> laptop, the very one that 'works' when at my office, I ALSO get the error.
> AND EVEN WORSE - when I connect to my cell phone provided hotspot, the error
> goes away!
> As weird as this all sounds, I got it nailed down to one device - they
> have a Cisco/Meraki MX64W as their internet gateway - and when I remove that
> device from the chain and go 'straight' out to the internet, suddenly, the
> certificate problem goes away entirely.
> How is this possible? Can anyone comment on these devices and tell me
> what might be going on here?