Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is what I get:

    SHA1: 0A:82:48:79:58:9F:0C:1E:13:B8:D9:AB:69:3E:11:8F:CB:FE:D3:EC
    MD5: 10:EE:4F:E5:43:DD:81:F2:3F:E6:4B:B9:4D:9C:53:31
    Serial: 6A:B2:9B:5B:0B:0E:92:22:E5:3A:07:D1:0A:D3:81:B5
Your browser is probably blocking it because it doesn't have use SHA-256.


It seems like they're sending different certs to different clients - the Qualys SSL test reported it as expired on the 17th of Feb.


This seems to have stemmed from Qualys caching an earlier certificate that has since been updated.

Independently, the original problem seems to have been our usage of Xdomain (a JavaScript alternative to CORS) to support older IEs used by some of our customers. The way it was being used seemed to conflict with Chrome on iOS.

I've pushed a fix to our staging servers and this will manifest in production once it has been better tested. Thanks everyone for pointing this out!


Any time :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: