On 20/12/11 16:18, Michael Becker wrote:
I'm running a firefox plugin called certpartol which alerts me to unusual ssl cert changes.
The existing cert signed by GeoTrust, Inc. wasn't set to expire until 2016-07-19 02:17:12. The new cert is signed by DigiCert Inc.
I just want to make sure this is an intentional change and not a fake cert.
I took a screenshot of the certpatrol warning @ http://img204.imageshack.us/img204/8463/screenshot20111220at953.png
It's legitimate. The certificate was changed last week to a new one which also supports *.m.wikipedia.org
Old certificate (rapidssl):
SHA1: 75 B7 57 24 74 3F F9 3D 6D F4 7F 5C 5A 8C 65 5A 8F 28 1B C2 MD5: 8B FE CE DA 58 76 48 71 EF 0C EE 1C BD D6 19 6F
New certificate (digicert):
SHA1: 03 47 7F F5 F6 3B F5 B6 10 C0 7D 65 9A 7B A9 12 D3 20 83 68 MD5: C0 C8 F7 A0 33 20 A2 D4 2E 27 65 73 42 4C A0 24
Although I could be a moron which trojanised your connection and is trying to fool you ;)
It _should_ be possible to confirm this by looking at the Server Admin Log entries of 13 December:
00:15 LeslieCarr: depooling and restarting ssl1001 withnew cert 00:14 LeslieCarr: pushing out new digicert certificate for *.wikipedia.org
if only wikitech wasn't using an expired self-signed certificate...