Recently I have seen secure connections to archive.ph failing. Today I decided to dig in a little and to me things look very fishy. This may be a f-up on the part of CloudFlare/archive.ph that I am not fully understanding but on the surface it looks like the cert is using the the old X3 intermediate in the certificate chain rather than the new R3 intermediate in the certificate chain. Considering LetsEncrypt made that change in September, and in theory LetsEncrypt certs are only valid for 90 days... This really should not be possible for a cert that has not expired yet.
Seems like to me that there may be a man-in-the-middle attack going on here.
Recently I have seen secure connections to archive.ph failing. Today I decided to dig in a little and to me things look very fishy. This may be a f-up on the part of CloudFlare/archive.ph that I am not fully understanding but on the surface it looks like the cert is using the the old X3 intermediate in the certificate chain rather than the new R3 intermediate in the certificate chain. Considering LetsEncrypt made that change in September, and in theory LetsEncrypt certs are only valid for 90 days... This really should not be possible for a cert that has not expired yet.
Seems like to me that there may be a man-in-the-middle attack going on here.
(post is archived)