Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-13724

Expired SSL root cert on docs.mongodb.com

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Priority: Icon: Critical - P2 Critical - P2
    • None
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      A few weeks ago, one of the major SSL root certificates expired. Serving an expired root certificate raises an SSL error in some HTTP clients (but not in most browsers). For example in the latest MacOS Catalina:

         curl https://docs.mongodb.com/
         #Error SSL certificate problem: certificate has expired

      Note that it is not the docs.mongodb.com cert that has expired, but one of the intermediate certificates that your server is sending in the SSL chain.

      The solution is simple: edit your webserver conf to remove the expired CA cert from the bundle. You don't need to replace it with anything, because all clients trust this vendor by default in their own CA bundle.

      For more info see here: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

       

       

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

            Assignee:
            Unassigned Unassigned
            Reporter:
            jeroenooms@gmail.com Jeroen Ooms
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved:
              3 years, 44 weeks ago