I never rolled back the FW, have left it with support to dig in to. To see if they can solve it. If they recommend rolling back the firmware I'll give it ago. It seems to fail on the SSL check, I'm wondering if Meraki's inspection is doing something to break it. openssl s_client -connect code.jquery.com:443 -verify 1
verify depth is 1
CONNECTED(00000005)
write:errno=54
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 318 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
--- openssl s_client -connect code.jquery.com:443 -verify 1
verify depth is 1
^[[A
CONNECTED(00000005)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=27:certificate not trusted
verify return:1
depth=0 CN = code.jquery.com
verify return:1
---
Certificate chain
0 s:/CN=code.jquery.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgISA5oYpQN6dgTwhVNCwRCVh3frMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA2MTgxNDE4MTlaFw0x
ODA5MTYxNDE4MTlaMBoxGDAWBgNVBAMTD2NvZGUuanF1ZXJ5LmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBALRxhkfhH/JpjGvo164zJF3JI8fiRJOp
Uhc45mst/oDy9/OVm98s2van2H5MGW1erCULSQ/HmqStdhwMOtmL1zhuwG6iYoZn
bp/QSAljhiV0LO6cuBBtJME+3kkHrUFwLMh6iSqFkIRbHIquSp4ii242qZ0hhcol
o7zYATDMHSUMqiCkq04XmgUugiFRfzljnS87VmcQ5hD30DTIj9efQug22NzrM+Rt
oqt4B8/tESb7GcFnHBtkKaGeFj3Cx6CaOqVb12XOJPp4+FaYmhV5i5bZ87sLoMaM
xC1gczbgkR6C4db/1njI5PVYHxUi8oyUyMndR3Hr8nJUBtCmBK7TXdsCAwEAAaOC
Az4wggM6MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUNAPHfJ95zS5MSdW2cmd/FiNu
JW8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE
YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzBBBgNVHREEOjA4gg9jb2RlLmpxdWVyeS5jb22CEmNvbnRlbnQuanF1ZXJ5
LmNvbYIRc3RhdGljLmpxdWVyeS5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEw
geYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNl
bmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1h
eSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25s
eSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3Vu
ZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQQGCisG
AQQB1nkCBAIEgfUEgfIA8AB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2
H79kAAABZBN5snIAAAQDAEcwRQIhAOS/SdofV9VT6ZTVCLsaEb5Ma6h6jsRv8WaR
ESoRM4AsAiBJYoTZdS/z1JLdEU4rYM2mniNC6/fjF2/MPcovLRbBRAB2ACk8UZZU
yDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABZBN5soIAAAQDAEcwRQIgUMUF
wUYHpiCqOSsioy9blUSKr2ibizs7wzesYQ11rnkCIQDKkEyoua4bjEvOGrmSYatn
84bYu35e7etJZXxN6vpFwTANBgkqhkiG9w0BAQsFAAOCAQEAm2qJ+kRQm6FXZSyZ
ugGhilFKRkhgtJJAo6gnOG4zyn2xCIZQPOtMS2gfX8BbSA0fBxi4HDsw9wfoiVh7
iMZ1QLlNq+d/8WtEvh47hJh5pkXqYNJKzAdf4ngL8uJ3nmDuhcKStzkeP3sejYsq
np2wIt1MsnAgReyegYSH9/9Yieea1yz3tQd8Oxjp+JLRZtFOtDwpvwxeLb0t1mDl
2oVmDZCNvn3iTnTref1ewyRbRh/7/F3OHvrZbFhO3g13wC+t5v+m19MWUIaBCCBw
WVLrrDqYo3IWW4EwG5GzccQ3peW/IcmFmVOZFmy64ai2sPpLkRuGw9qfEuhTDU9C
nRmsAA==
-----END CERTIFICATE-----
subject=/CN=code.jquery.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
---
SSL handshake has read 3419 bytes and written 444 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: B44AF44115BB70789F67A5D88EA5CD9D1676D27A14FEB9F37433E716CFD4AEC0
Session-ID-ctx:
Master-Key: 0BB2EFEBF7FE5F1127BDC3FC6563A0259352760BE40BE127A2DB7C0F62AD697E49A29F9D641949870953E66D449C82EB
TLS session ticket lifetime hint: 43200 (seconds)
TLS session ticket:
0000 - 96 11 28 ab 72 c3 f6 0b-b9 3c f6 54 02 cc 7f 86 ..(.r....<.T....
0010 - 48 30 06 8a ac 1f 9e 7b-6c ae e6 96 be f6 fe f2 H0.....{l.......
0020 - da d8 6a ce 4d c8 0b 2d-ce c6 2e 1a c3 71 fc 7b ..j.M..-.....q.{
0030 - b0 99 d3 0f fc 07 85 9b-6f 40 0b c2 7c 7a d5 09 ........o@..|z..
0040 - 84 63 85 c0 92 2f e0 ae-46 7e df 7f d5 e3 84 a3 .c.../..F~......
0050 - 62 0a 33 ce 9e b8 72 0f-4a 49 11 64 90 73 95 ac b.3...r.JI.d.s..
0060 - 65 c4 3f 9d 83 10 7f 3b-ec 65 05 ab 8d a6 2d da e.?....;.e....-.
0070 - 06 68 f7 9d 8a bf a7 e6-b5 00 75 8f f3 67 1f 2b .h........u..g.+
0080 - 6d 7f 12 c1 8c 72 9e 4c-5c e3 9d c0 48 39 f8 3b m....r.L\...H9.;
0090 - 42 8d f7 04 4f f6 70 cd-77 c5 5c 9b f9 f2 e9 48 B...O.p.w.\....H
Start Time: 1534863710
Timeout : 300 (sec)
Verify return code: 27 (certificate not trusted)
---
closed
... View more