taivo | Stripe Developers | Page 1

brazen graniteBOT Dec 22, 2022, 6:39 PM

#

surreal walrus Dec 22, 2022, 6:39 PM

#

Hello! What version of Safari and macOS are you using?

#

Also wondering what happens if you try to visit https://js.stripe.com/v3 in Safari?

stark marsh Dec 22, 2022, 6:41 PM

#

checking thanks. the browser won't load that file.

#

but FF will.

#

safari 15.6.1

surreal walrus Dec 22, 2022, 6:41 PM

#

Can you provide more details? What do you mean by "won't load"? Is there an error message?

stark marsh Dec 22, 2022, 6:42 PM

#

macos catalina 10.15.7

#

Your connection is not private
Attackers might be trying to steal your information from js.stripe.com (for example, passwords, messages, or credit cards). Learn moreNET::ERR_CERT_AUTHORITY_INVALID
Subject: a.stripecdn.com
Issuer: DigiCert SHA2 Extended Validation Server CA
Expires on: Jan 11, 2024
Current date: Dec 22, 2022
PEM encoded chain:

surreal walrus Dec 22, 2022, 6:43 PM

#

Ah, I think your OS version might be too far out of date. Let me check something...

stark marsh Dec 22, 2022, 6:43 PM

#

Common Name (CN)a.stripecdn.comOrganization (O)Stripe, IncOrganizational Unit (OU)<Not Part Of Certificate>Issued By
Common Name (CN)DigiCert SHA2 Extended Validation Server CAOrganization (O)DigiCert IncOrganizational Unit (OU)www.digicert.comValidity Period
Issued OnWednesday, December 14, 2022 at 4:00:00 PMExpires OnThursday, January 11, 2024 at 3:59:59 PMFingerprints
SHA-256 Fingerprint6A F5 B9 3F CB 94 C4 F5 E8 33 D7 6B 88 40 12 62
E2 96 43 6A B1 06 CE 21 27 55 4D 7E 3C CE C1 6CSHA-1 Fingerprint39 4A B6 4A 19 55 96 3E 93 1F 4E C9 98 3A 0E 34
49 CE 1B C6

surreal walrus Dec 22, 2022, 6:44 PM

#

Hm, actually I don't think that's it... Catalina isn't that old...

#

Do you have any pending software updates for macOS?

stark marsh Dec 22, 2022, 6:45 PM

#

checking.

#

up to date.

surreal walrus Dec 22, 2022, 6:49 PM

#

How strange. Can you load https://www.digicert.com?

stark marsh Dec 22, 2022, 6:50 PM

#

testing, just rebooting it.

#

Maybe a TLS versioning issue?
https://www.ssllabs.com/ssltest/analyze.html?d=js.stripe.com&s=151.101.0.176&latest

#

might not support 1.2 or 1.3

surreal walrus Dec 22, 2022, 6:52 PM

#

What does https://browserleaks.com/ssl say?

BrowserLeaks

SSL/TLS Client Security Test

The page shows the SSL/TLS capabilities of your web browser, determines supported TLS protocols and cipher suites, and marks if any of them are weak or insecure, displays a list of supported TLS extensions and key exchange groups. Using this data, it calculates the TLS-fingerprint in JA3 format. It also tests how your web browser handles request...

stark marsh Dec 22, 2022, 6:52 PM

#

loading.

#

OK my dev rebooted the box and it loads now. Wish we tested this prior to the reboot, but the results now look correct and file loads:
Protocol Support
TLS 1.3 ✔️ Enabled
TLS 1.2 ✔️ Enabled
TLS 1.1 × Disabled (Good)
TLS 1.0 × Disabled (Good)

#

So, thanks for your help. We will inform our customers to update and reboot their machines if they encounter this.

surreal walrus Dec 22, 2022, 6:57 PM

#

How strange. Before the restart that just happened how long had that Mac gone without a restart?

stark marsh Dec 22, 2022, 6:57 PM

#

It would have been within the last couple of months. But it's been on ffor a long time.

surreal walrus Dec 22, 2022, 7:01 PM

#

Strange. Glad a restart solved it, but what an unusual issue. 😅

#taivo