Can't validate X, expired cert on community.theme.co

espcdesign · April 6, 2018, 10:50am

We’re trying to validate a new copy of X; the validation fails, and if I add “&x-verbose=1” to the URL, I can see that cURL returns “error 60: SSL certificate problem: certificate has expired”. cURL’s own CA certs are up to date on the server, and it actually looks like the expired cert is the one for community.theme.co; checking our DNS logs, I can see the WP host looking up that domain name during the validation process.

I checked this with cURL:

# curl https://community.theme.co --cacert /etc/pki/trust/anchors/cacert.pem --verbose
* Rebuilt URL to: https://community.theme.co/
* Hostname was NOT found in DNS cache
*   Trying 50.31.66.102...
* Connected to community.theme.co (50.31.66.102) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/pki/trust/anchors/cacert.pem
  CApath: /etc/ssl/certs/
* SSLv3, TLS Unknown, Unknown (22):
* SSLv3, TLS handshake, Client hello (1):
* SSLv2, Unknown (22):
* SSLv3, TLS handshake, Server hello (2):
* SSLv2, Unknown (22):
* SSLv3, TLS handshake, CERT (11):
* SSLv2, Unknown (21):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem: certificate has expired
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired

And then double-checked with SSLLabs:

(Full results at https://www.ssllabs.com/ssltest/analyze.html?d=community.theme.co)

…and it looks as though the issue with the recently-expired cert on community.theme.co. Do you know when it’ll be fixed?

jade · April 10, 2018, 3:50pm

Hi there,

Thanks for writing in.

Firstly, would you mind double checking if you have the latest version of X installed before validating? The new URL for validation https://theme.co/apex/api-v2/validate/ which should be reflected in the latest version of X.

Also, the certificate for community.theme.co is expired but it is configured to redirect to https://theme.co but your host does not seem to follow the redirect header. You could either set CURLOPT_FOLLOWLOCATION to true in our theme’s CURL request, or by contacting your host to enable it on your system.

But please note that this is for very outdated theme version and currently, we use are using wp_remote_get() instead of CURL. If your theme is not updated, I would recommend ignoring the previous suggestion and do the manual update in a staging site as they may break the live site if you do that.

In case you are using the latest version of X but still experiencing the validation issue, kindly provide us with the admin access to your site in a Secure Note (key icon below your response) so that we can look into it further.

Thank you.

espcdesign · April 10, 2018, 9:46am

Yes, we’re definitely using the most recent version, so I don’t know what’s going on with Curl. I’d appreciate you taking a look; I’ll add a secure note with the URL/credentials.

Thanks.

mldarshana · April 10, 2018, 3:43pm

Hi There,

The issue is that you’re using an older version of X theme & Cornerstone plugin so that our validation process will not be initiated correctly.

You can check the latest version numbers from here (https://theme.co/apex/forum/t/troubleshooting-version-compatibility/195) then update your X theme & Cornerstone plugin (https://theme.co/apex/forum/t/setup-updating-your-themes-and-plugins/62) before validating your site.

Hope that helps.
Thanks!

espcdesign · April 11, 2018, 10:09am

Hi Darshana,

Thanks for the response; we’ve updated to the latest version, and the theme’s now validated. Many thanks for the help.

mldarshana · April 11, 2018, 1:33pm

Glad we were able to help

system · April 21, 2018, 1:33pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.