Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
s3.amazonaws.com certificate revoked (amazonaws.com)
98 points by _mikz on April 12, 2014 | hide | past | favorite | 16 comments


Chrome says "This certificate has been revoked". It has SHA1 fingerprint 0C F0 6A F0 5C C4 C4 44 E1 DB 92 25 F0 99 4F EC 6B 5E 4A B5 and was issued 2014-04-08 00:00.

Did they renew a certificate after patching for Heartbleed, but then revoke it?


I'm getting the revocation warning with this SHA1 fingerprint as well in Chrome.


Here all is just fine. It shows as verified and encrypted. I have enabled checking the verification list in Chrome.

Fingerprint is:

    C1 4C 4A 4D 63 63 E4 B4 CD 23 02 1A 2F 0A 0E 9A
    AB FB BE D7 0E 59 10 A3 20 01 EB CC 8D 08 DC E2


Sha1 fingerprint for me is: E0:D2:E0:2E:20:F2:CE:80:AE:16:93:CA:86:2C:5A:14:54:26:28:F5


You both have the same. His fingerprint was SHA256. I see the same certificate and no error in neither chromium nor firefox nightly.


Joy. That'll be why we got a massive error spike this morning then.


For me all connection to amazon.com is unencrypted :o Did they just remove ssl for now?


Url from this post (https://s3.amazonaws.com/) redirects to HTTP://aws.amazon.com/s3/

307 Temporary Redirect

Location: http://aws.amazon.com/s3 [following]

Going directly to https://aws.amazon.com/s3/ keeps the SSL cert, which does not seem to be revoked and is issued at 4/8/14.

SHA1 fingerprint:

E0 D2 E0 2E 20 F2 CE 80 AE 16 93 CA 86 2C 5A 14 54 26 28 F5

EDIT: Now 45 minutes later https://s3.amazonaws.com responded with a REVOKED certificate issued 4/8/14, SHA1 fingerprint:

0C F0 6A F0 5C C4 C4 44 E1 DB 92 25 F0 99 4F EC 6B 5E 4A B5

I failed to grab initial https://s3.amazonaws.com cert that passed chrome revocation list check. Which could have been also due to the revocation service timeout because in that case AFAIK no revocation check is performed and cert is silently accepted.


Hm, and encrypted with RC4 128 bit for me. Maybe it's time to check the client-side cipher settings...


p7b export of E0 D2 E0 key https://github.com/cradle/certs/blob/master/amazon.s3.p7b?ra...


Same here,

HTTP/1.1 307 Temporary Redirect Location: http://aws.amazon.com/s3


No encryption here as well.


Just checked, no encryption for me here


I saw the same thing maybe 5 minutes ago but it has since been resolved it seems.


Chrome can't connect. TextMate can't update. OSX says cert was revoked.


Solved now?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: