Texonom
Texonom/
Computing
Computing/Computing Theory/Information Theory/Cryptography/Encryption/Asymmetric Encryption/PKI/CA/
Certificate Chain
Search

Certificate Chain

Creator
Creator
Seonglae ChoSeonglae Cho
Created
Created
2021 Nov 12 2:55
Editor
Editor
Seonglae ChoSeonglae Cho
Edited
Edited
2024 May 2 7:11
Refs
Refs
  1. www.agwa.name (leaf certificate)
  1. Sectigo RSA Domain Validation Secure Server CA (intermediate CA)
  1. USERTrust RSA Certification Authority (intermediate CA)
  1. USERTrust RSA Certification Authority (self-signed)
  1. AddTrust External CA Root (self-signed)
 
 
 
 
Revisiting BetterTLS: Certificate Path Building
Last year the AddTrust root certificate expired and lots of clients had a bad time. Some Roku devices weren't working right, Heroku had problems, and some folks couldn't even curl. In the aftermath Ryan Sleevi wrote a really great blog post not just about the issue of this one certificate's expiry, but the problem that so many TLS implementations have in general with certificate path building.
Revisiting BetterTLS: Certificate Path Building
https://netflixtechblog.com/revisiting-bettertls-certificate-path-building-4c978b79843f
Revisiting BetterTLS: Certificate Path Building
 
 

Recommendations

Texonom
Texonom/
Computing
Computing/Computing Theory/Information Theory/Cryptography/Encryption/Asymmetric Encryption/PKI/CA/
Certificate Chain