I see the following warning when visiting http://www.github.com/ after July 26, 2014. I get this warning in both Chrome and Safari on my OS X Mavericks-equipped iMac.
Should I worry about this? How do I fix it?
How to fix the SSL warning I get when visiting github.com
certificatessl
Related Question
- Find out which certificate authorities do not come with the system
- MacOS – How to remove SSL certificate exceptions on OS X
- “This certificate was signed by an untrusted issuer”: what’s causing such an error
- How to clear SSL leaf certificates mappings to particular domains
- MacOS – web request failures in curl
- MacOS – Creating SHA-2 certificate using keychain assistant
Best Answer
You should always distrust SSL connections that are using expired certificates. This could indicate a simple oversight on the part of the website operator or it could indicate a malicious attempt to intercept encrypted communications between the website and your browser. Heed your browser's warnings and don't load the page when these warnings occur.
OS X users can delete the expired certification from their keychains. This certificate was issued by DigiCert and they have a blog post that details what happened and how to fix it. Paraphrased from the post:
Keychain Accessapplication (you may be asked for your password when you do this)View -> Show Expired Certsand search forDigiCert Highto find theDigiCert High Assurance EV Root CAthat expired on July 26, 2014. It's important you only delete the expired certificate here.You may also need to restart Chrome and Safari for the warning to disappear. Also, make sure you check all Keychains and verify your Category filters - certificates or All Items should be selected.