On September 30, 2015, at 12:15 pm, a legacy and long unused DigiCert cross-signed certificate expired, causing some users to experience untrusted certificate errors.
The problem is generally related to a locally installed legacy intermediate certificate that is no longer used and no longer required. The problem may affect any client platform with a locally cached or installed copy of the expired intermediate certificate.
The expired certificate in question is the "DigiCert High Assurance EV Root CA" [Expiration September 30, 2015] certificate. This temporary intermediate certificate was used in years past as part of a compatibility chain for older devices.
To determine where the error is occurring, use DigiCert SSL Installation Diagnostic Tool. Type in the name of your server and click Check Server. If the cross-signed intermediate certificate (expiring September 30, 2015) shows up in the certificate chain, then the problem is on the server side. If there is no intermediate certificate in the chain, then the problem is on the browser/client side.
In general, this cross-chain should not be required.
However, if you want to continue using it, DigiCert recently created a new cross-chain certificate that is valid until 2018. You can download the new cross-chain certificate here.Note: Using this cross-chain in conjunction with a SHA-2 Certificate (or any certificate that expires after December 31, 2015) will cause the SHA-1 warning to show up in the Chrome browser.
All recent certificate(s) installation(s) issued by DigiCert include the most up-to-date intermediates in order to establish trust with browsers.
If you have problems on other operating systems, please contact Technical Support, so we can get additional details and update our documentation for other users to resolve the cached intermediate error.
If you need assistance with this or any other issues, our Support Team is always happy to help.