FaceBook uses incorrect SSL Certificate for its domain: “GTE CyberTrust Global Root”
Accessing https://www.facebook.com/ results in a SSL error: This Connection is Untrusted.
Issuer of the Cert:
CN = GTE CyberTrust Global Root
OU = “GTE CyberTrust Solutions, Inc.”
O = GTE Corporation
C = US
Go fix it! I have to remove a friend ….
[update]: Now 09/23/2010 at 1:15pm I’m getting this error:
Service Unavailable - DNS failure
The server is temporarily unable to service your request. Please try again later.
Has Facebook been hacked?
February 8, 2011 at 1:44 pm
Today Feb 8/11 am getting the same message…what was the resolution of this question.
thx
July 14, 2011 at 8:34 pm
The message is very specific for this kind of failure: the certificate is only valid a248-e.akamai.net, *.akamai.net, and implicitly, you’re not reaching it from that URL.
I know this is a few months old, and you may not remember the incident and whether that was the same error code… I’m writing this to help document the next occurrence.
In this case, Akamai being a CDN, Facebook is pulling content form Akamai for faster delivery. If it uses akamai.net in the URL for those images and such, no worries; if it uses *.facebook.com, then the server feeding that content has to provide a certificate as *.facebook.com.
Facebook’s error, or a server misconfiguration can cause this — the key is that YOU DIDN’T, so you cannot fix it. You need to complain to facebook, and have them complain to Akamai, and those two parties can fix it.
At this point, you’re able to trust the certificate and get your content, or don’t, and have a few images missing from facebook.
Note: if one of a hundred servers is misconfigured, you might get some-not-all of your content if you choose not to trust the cert.
Now, this is a much different issue than if the issuer/trust chain is not met, which is what I was researching when google sent me here.
Cyrill, thanks for the blog entry/episode re: your issue