

SSL certificate at https://www.cnn.com/ bad? - vocatan

Testing SSL certificates and found that the SSL certificate that presents itself at https:&#x2F;&#x2F;www.cnn.com doesn&#x27;t allow that hostname?<p>www.cnn.com uses an invalid security certificate. The certificate is only valid for the following names: a.ssl.fastly.net, <i>.a.ssl.fastly.net, fast.wistia.com, purge.fastly.net, mirrors.fastly.net, </i>.imgix.net, <i>.parsecdn.com, </i>.fastssl.net, voxer.com, www.voxer.com, <i>.firebase.com, sites.yammer.com, sites.staging.yammer.com, </i>.skimlinks.com, <i>.skimresources.com, cdn.thinglink.me, </i>.fitbit.com, <i>.hosts.fastly.net, control.fastly.net, </i>.wikia-inc.com, <i>.perfectaudience.com, </i>.wikia.com, f.cloud.github.com, <i>.digitalscirocco.net, </i>.etsy.com, <i>.etsystatic.com, </i>.addthis.com, <i>.addthiscdn.com, fast.wistia.net, raw.github.com, www.userfox.com, </i>.assets-yammer.com, <i>.staging.assets-yammer.com, assets.huggies-cdn.net, api.kinja.com, orbit.shazamid.com, about.jstor.org, </i>.global.ssl.fastly.net, web.voxer.com, pypi.python.org, <i>.12wbt.com, www.holderdeord.no, secured.indn.infolinks.com, play.vidyard.com, play-staging.vidyard.com, secure.img.wfrcdn.com, secure.img.josscdn.com, </i>.gocardless.com, widgets.pinterest.com, <i>.7digital.com, </i>.7static.com, p.datadoghq.com, <i>.plan3.se, new.mulberry.com, www.safariflow.com, cdn.contentful.com, tools.fastly.net, </i>.huevosbuenos.com, <i>.goodeggs.com, </i>.fastly.picmonkey.com, <i>.cdn.whipplehill.net, </i>.whipplehill.net, cdn.media34.whipplehill.net, cdn.media56.whipplehill.net, cdn.media78.whipplehill.net, cdn.media910.whipplehill.net, <i>.modcloth.com, </i>.disquscdn.com, <i>.jstor.org, </i>.dreamhost.com, www.flinto.com, <i>.chartbeat.com, </i>.hipmunk.com, content.beaverbrooks.co.uk, secure.common.csnstores.com, *.vsco.co,<p>full list at http:&#x2F;&#x2F;pastebin.com&#x2F;raw.php?i=kwCzM5z0
======
privong
Interesting. I just visited the site and received a warning from firefox – the
same invalid cert error was given, with the same domains.

The cert was issued to:

    
    
      a.ssl.fastly.net
      Fastly, Inc.
    

And issued by:

    
    
      DigiCert SHA2 High Assurance Server CA
      DigiCert Inc
    

Perhaps this is just a CDN error/issue?

------
justcommenting
Probably just a CDN issue ([https://cnn.com](https://cnn.com) not found, www.
shows an error, etc.), but fyi...

Cert Subject Alt Names:

Not Critical DNS Name: a.ssl.fastly.net DNS Name: _.a.ssl.fastly.net DNS Name:
fast.wistia.com DNS Name: purge.fastly.net DNS Name: mirrors.fastly.net DNS
Name:_.imgix.net DNS Name: _.parsecdn.com DNS Name:_.fastssl.net DNS Name:
voxer.com DNS Name: www.voxer.com DNS Name: _.firebase.com DNS Name:
sites.yammer.com DNS Name: sites.staging.yammer.com DNS Name:_.skimlinks.com
DNS Name: _.skimresources.com DNS Name: cdn.thinglink.me DNS Name:_.fitbit.com
DNS Name: _.hosts.fastly.net DNS Name: control.fastly.net DNS Name:_.wikia-
inc.com DNS Name: _.perfectaudience.com DNS Name:_.wikia.com DNS Name:
f.cloud.github.com DNS Name: _.digitalscirocco.net DNS Name:_.etsy.com DNS
Name: _.etsystatic.com DNS Name:_.addthis.com DNS Name: _.addthiscdn.com DNS
Name: fast.wistia.net DNS Name: raw.github.com DNS Name: www.userfox.com DNS
Name:_.assets-yammer.com DNS Name: _.staging.assets-yammer.com DNS Name:
assets.huggies-cdn.net DNS Name: api.kinja.com DNS Name: orbit.shazamid.com
DNS Name: about.jstor.org DNS Name:_.global.ssl.fastly.net DNS Name:
web.voxer.com DNS Name: pypi.python.org DNS Name: _.12wbt.com DNS Name:
www.holderdeord.no DNS Name: secured.indn.infolinks.com DNS Name:
play.vidyard.com DNS Name: play-staging.vidyard.com DNS Name:
secure.img.wfrcdn.com DNS Name: secure.img.josscdn.com DNS
Name:_.gocardless.com DNS Name: widgets.pinterest.com DNS Name: _.7digital.com
DNS Name:_.7static.com DNS Name: p.datadoghq.com DNS Name: _.plan3.se DNS
Name: new.mulberry.com DNS Name: www.safariflow.com DNS Name:
cdn.contentful.com DNS Name: tools.fastly.net DNS Name:_.huevosbuenos.com DNS
Name: _.goodeggs.com DNS Name:_.fastly.picmonkey.com DNS Name:
_.cdn.whipplehill.net DNS Name:_.whipplehill.net DNS Name:
cdn.media34.whipplehill.net DNS Name: cdn.media56.whipplehill.net DNS Name:
cdn.media78.whipplehill.net DNS Name: cdn.media910.whipplehill.net DNS Name:
_.modcloth.com DNS Name:_.disquscdn.com DNS Name: _.jstor.org DNS
Name:_.dreamhost.com DNS Name: www.flinto.com DNS Name: _.chartbeat.com DNS
Name:_.hipmunk.com DNS Name: content.beaverbrooks.co.uk DNS Name:
secure.common.csnstores.com DNS Name: _.vsco.co DNS Name: www.joinos.com DNS
Name: staging-mobile-collector.newrelic.com DNS Name:_.modcloth.net DNS Name:
_.foursquare.com DNS Name:_.shazam.com DNS Name: _.4sqi.net DNS
Name:_.metacpan.org DNS Name: _.fastly.com DNS Name: wikia.com DNS Name:
fastly.com DNS Name: kinja.com DNS Name:_.gadventures.com DNS Name:
www.gadventures.com.au DNS Name: www.gadventures.co.uk DNS Name: kredo.com DNS
Name: cdn-tags.brainient.com DNS Name: my.billspringapp.com DNS Name: rvm.io

serial: 01:E8:7D:87:DA:D5:21:F0:05:72:28:EE:85:7A:0A:E6 sha1 fingerprint:
01:E8:7D:87:DA:D5:21:F0:05:72:28:EE:85:7A:0A:E6

