Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Just as an FYI, I'm seeing a certificate error when loading web.dev. I'm on latest Chrome Version 90.0.4430.212 (Official Build) (x86_64) on Mac OS Big Sur

Screenshot: https://d.pr/i/gvj3fA

I've been trying to visit web.dev for days for various reasons, but I just get this and neither Chrome nor Safari will let me visit. But apparently a bunch of you can see the page, so I'm confused as to why I seem to be the only one seeing this... but maybe you or someone there can help? Thanks.



Very odd, I'm on the same release (Catalina) and no difficulties. The certificate is from Google Trust Services, which presumably Chrome should honor.

Perhaps you have a proxy causing interference?

As the sibling comment notes, looking at the certificate using Advanced may help clarify things.

Update: here's the full chain that I see:

web.dev, signed by GTS CA 1D2, with a root certificate of GlobalSign Root CA - R2.


This is what I see: https://d.pr/i/8VY9As

As far as I know, I have no proxies to interfere...


Apparently there's still more to see if you dig deeper, but I'm unfamiliar with Chrome's UI for invalid certificates.

If you can open your terminal, this may be easier:

% openssl s_client -connect web.dev:443

It will hang (I guess awaiting more commands) but you can use Control-C to kill the connection.

The gist below has the first several lines showing what you should see.

https://gist.github.com/macintux/68ab1317d4b7677951069baf95c...


OK, I think I see what's happening. There's some other software that overrode the *.dev cert. I'll remove that and see if it works. Thanks for your help!


Huh, that's...unexpected. My best guess was that somehow the root certificate was missing from your computer's trusted certificate store.

Glad you got it sorted, happy to help.


It was a fairly common issue when .dev first launched. https://andycroll.com/ruby/clean-up-broken-dev-domains-after...


Aha, interesting. Thanks.


Yup, that's exactly what happened. Thanks to both of you for your help! I really appreciate it. This was driving me nuts!


Open that Advanced button to proceed, inspect the certificate (click the lock icon in URL bar)


could be DNS of your ISP?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: