QuoVadis Intermediate Certificate Issue
15/01/2020:
Hello
It has been brought to our attention that many certificates issued via the old version of the Jisc Certificate Service (provided by Digicert/QuoVadis) are, as of last night, showing browser errors due to revocation of the issuing intermediate certificate. This is due to Digicert revoking an old version of the intermediate (not the certificates themselves).
To fix this issue, you will need to update the certificate chain your webserver is presenting to include the new version of the intermediate that actually issued your certificate, these can be found here:
To be clear: you do not need to replace the certificate itself.
Note: if you're not sure which to use, if you use https://crt.sh to query for your affected certificate, e.g. (www.example.com), identify your certificate in the list, and look at the issuer name and see if it ends in G2 or G3 - and then choose the new intermediate accordingly and update the chain configured in your web server.
This issue is affecting many people worldwide, beyond the Jisc Certificate Service. We apologise for any issues this has caused our members, but Jisc was not made aware of the change in issuing intermediate by our old supplier and was not warned about the revocation of the old version. This kind of issue should be minimised/disappear with the new Jisc Certificate Service, provided by Sectigo.
