Certificate checker

Re: Help Blogs Not Working for several days

Is there a server not listed for this website? I know ISRG1 and ISRG2 and DigSignatTrust.

I am having an issue with a social chat website that I use, Wireclub.com. So I used the DigiCert server checker and contacted DigiCert to ask them if a server was missing. They responded that I needed to contact Let's Encrypt because the website has a certificate from it. DigiCert certificate checker tech support sent me the contact link for Let's Encrypt.

So the issue that I'm having is that the Blog feature on Wireclub is not saving posts. I get an error that the form is not secure and autofill has been turned off. I get the same error for Wireclub Help's Start a Conversation and am not able to post this request. I attempted to email Wireclub because they have an email address for support as well as a contact link page, but I have not received any response after 7 days. I had to EMAIL Wireclub's support because the send button in the support link was getting the same error message as what I was reporting in the Blogs.

That's on the website. I assume it's posting to an http endpoint.

What did the website tell you?

4 Likes

This is something their support will have to fix.

You can try reaching out to them on social media.

5 Likes

I don't see what we can do about it: the website seems to be configured properly with regard to its certificate (although sending out a very long custom chain, chaining up to DST Root CA X3, but that shouldn't be a problem). And the website redirects to HTTPS.

I can't find the "Wire Club Help's Start a Conversation" to check for the same error you're getting, but I wouldn't be surprised if it wasn't an issue with the website.

1 Like

Interesting though, I've not seen someone serve this chain combination before. Is it a funky way to get Android compatibility while still preferring the ISRG Root X2 ECDSA chain?

wireclub.com ▶▶ E1 ▶▶ ISRG Root X2 ▶▶ ISRG Root X1 ▶▶ DST Root CA X3

[Edit: the chain served is up to and including ISRG Root X1, signed by DST Root CA X3, but does not include DST Root CA X3 itself. They are likely using their own custom process to append ISRG Root X2 > ISRG Root X1 to their served chain.]

3 Likes

It's a hack in the sense that many/most verification processes will stop when they find ISRG Root X2 in their trust stores. Such verification processes, when lacking ISRG Root X2 in their trust stores, will stop when they find ISRG Root X1 in their trust stores. Barring those two conditions, verification processes will fail if they don't find DST Root CA X3 in their trust stores.

(@webprofusion, I know that you are most likely already aware of all this. I provided this information for any who might lack such awareness. 🙂)

6 Likes
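
The anchor selection described in the post above, as an added example that is not part of the original thread. It models the served chain by subject and issuer names only (no signature, validity or extension checks); `SERVED_CHAIN`, `build_path` and the trust store contents are constructed for illustration.

```python
# Constructed model of the chain discussed in this thread: (subject, issuer)
# name pairs only. Real validators also verify signatures, validity periods
# and extensions; this shows only where path building stops.
SERVED_CHAIN = [
    ("wireclub.com", "E1"),
    ("E1", "ISRG Root X2"),
    ("ISRG Root X2", "ISRG Root X1"),    # X2 cross-signed by X1
    ("ISRG Root X1", "DST Root CA X3"),  # X1 cross-signed by DST Root CA X3
]


def build_path(served, trust_store, leaf="wireclub.com"):
    """Return (anchor, path): the first trusted issuer reached and the served
    certificates used to get there, or (None, path) if no anchor is found."""
    by_subject = {subject: issuer for subject, issuer in served}
    path, current = [], leaf
    # The 'not in path' guard stops a malformed chain from looping forever.
    while current in by_subject and current not in path:
        path.append(current)
        issuer = by_subject[current]
        if issuer in trust_store:   # stop at the first trusted issuer
            return issuer, path
        current = issuer            # otherwise climb to the next served cert
    return None, path               # served certs exhausted, nothing trusted


if __name__ == "__main__":
    # Constructed trust stores, one per case in the post above.
    stores = {
        "has X1 and X2": {"ISRG Root X1", "ISRG Root X2"},
        "has X1 only": {"ISRG Root X1"},
        "has DST Root CA X3 only": {"DST Root CA X3"},
        "has none of them": {"Example Other Root"},
    }
    for label, store in stores.items():
        anchor, path = build_path(SERVED_CHAIN, store)
        print(f"{label}: anchor={anchor}, certs used={len(path)}")
```
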

This thread is also interesting regarding "extra long" chains for Android in relation to ECDSA certs in particular (which wireclub.com is using).

5 Likes
