
s3.amazonaws.com certificate revoked - _mikz
https://s3.amazonaws.com
======
0x0
Chrome says "This certificate has been revoked". It has SHA1 fingerprint 0C F0
6A F0 5C C4 C4 44 E1 DB 92 25 F0 99 4F EC 6B 5E 4A B5 and was issued
2014-04-08 00:00.

Did they renew a certificate after patching for Heartbleed, but then revoke
it?

~~~
stygiansonic
I'm getting the revocation warning with this SHA1 fingerprint as well in
Chrome.

------
_ikke_
Here all is just fine. It shows as verified and encrypted. I have enabled
checking the verification list in Chrome.

Fingerprint is:

    
    
        C1 4C 4A 4D 63 63 E4 B4 CD 23 02 1A 2F 0A 0E 9A
        AB FB BE D7 0E 59 10 A3 20 01 EB CC 8D 08 DC E2

~~~
makmanalp
Sha1 fingerprint for me is:
E0:D2:E0:2E:20:F2:CE:80:AE:16:93:CA:86:2C:5A:14:54:26:28:F5

~~~
mandalar12
You both have the same. His fingerprint was SHA256. I see the same certificate
and no error in neither chromium nor firefox nightly.

------
bananas
Joy. That'll be why we got a massive error spike this morning then.

------
wasyl
For me all connection to amazon.com is unencrypted :o Did they just remove ssl
for now?

~~~
AhtiK
Url from this post ([https://s3.amazonaws.com/](https://s3.amazonaws.com/))
redirects to HTTP://aws.amazon.com/s3/

307 Temporary Redirect

Location: [http://aws.amazon.com/s3](http://aws.amazon.com/s3) [following]

Going directly to [https://aws.amazon.com/s3/](https://aws.amazon.com/s3/)
keeps the SSL cert, which does not seem to be revoked and is issued at 4/8/14.

SHA1 fingerprint:

E0 D2 E0 2E 20 F2 CE 80 AE 16 93 CA 86 2C 5A 14 54 26 28 F5

EDIT: Now 45 minutes later
[https://s3.amazonaws.com](https://s3.amazonaws.com) responded with a REVOKED
certificate issued 4/8/14, SHA1 fingerprint:

0C F0 6A F0 5C C4 C4 44 E1 DB 92 25 F0 99 4F EC 6B 5E 4A B5

I failed to grab initial [https://s3.amazonaws.com](https://s3.amazonaws.com)
cert that passed chrome revocation list check. Which could have been also due
to the revocation service timeout because in that case AFAIK no revocation
check is performed and cert is silently accepted.

~~~
e12e
Hm, and encrypted with RC4 128 bit for me. Maybe it's time to check the
client-side cipher settings...

------
tijs
I saw the same thing maybe 5 minutes ago but it has since been resolved it
seems.

------
_mikz
Chrome can't connect. TextMate can't update. OSX says cert was revoked.

------
aristidb
Solved now?

