Friday, October 14, 2016

Issues with GlobalSign public certs

What a mess!!!

If you use public certs from Globalsign, be aware of the issue that started yesterday with their CRLs.

We had to go in and update ALL our external-facing servers with the new Intermediate Cert they provided.

More details here - http://downloads.globalsign.com/acton/fs/blocks/showLandingPage/a/2674/p/p-008f/t/page/fm/0


Tips:

We use public certs on our SfB FEs too, and the same cert is also used for OAuth. We ended up removing and reapply the cert (from the SfB Wizard) so that it replicates out to the other servers and pools.

You need to remove the old Intermediate cert from the store. Search the Computer as well as the User stores and make sure you get rid of the old Intermediate one, else it will stay latched to the chain.


Can get the Intermediate cert from here -  https://support.globalsign.com/customer/portal/articles/2599710-ocsp-revocation-errors---troubleshooting-guide

4 comments:

  1. I have picked cheery a lot of useful clothes outdated of this amazing blog. I’d love to return greater than and over again. Thanks! 

    Selenium training in Chennai

    Selenium training in Bangalore

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. Do not waste time winning money right now we have slot games Win an online casino.

    ReplyDelete
  4. I appreciate that you produced this wonderful article to help us get more knowledge about this topic.
    I know, it is not an easy task to write such a big article in one day, I've tried that and I've failed. But, here you are, trying the big task and finishing it off and getting good comments and ratings. That is one hell of a job done!


    Selenium training in bangalore
    Selenium training in Chennai
    Selenium training in Bangalore
    Selenium training in Pune
    Selenium Online training

    ReplyDelete