Meraki

Community

About Expo233

Re: api.meraki.com returns fake certificate of Ingress controller

by in Developers & APIs
‎Apr 4 2023 2:32 AM
‎Apr 4 2023 2:32 AM
Ingress controller as per google is a reverse proxy for Meraki cloud. The response is indeed from Meraki (verified with a pcap). I tried accessing the IP of API Meraki cloud from a browser and you will get to see this fake cert being returned.    It seems the response differs based on OpenSSL version.    This used to work on the older OpenSSL version a few months back. So something changed on the Meraki side, probably a fix for some CVE I guess ... View more

Re: api.meraki.com returns fake certificate of Ingress controller

by in Developers & APIs
‎Apr 3 2023 2:07 AM
‎Apr 3 2023 2:07 AM
The fake certificate seems to be returned depending on the OpenSSL version that is used.  # openssl version OpenSSL 1.1.1f 31 Mar 2020 ---> Works fine and the correct certificate is returned # openssl version OpenSSL 1.0.2u-fips 20 Dec 2019 ---> Returns fake cert ... View more

api.meraki.com returns fake certificate of Ingress controller

by in Developers & APIs
‎Mar 31 2023 2:05 AM
‎Mar 31 2023 2:05 AM
When trying to access api.meraki.com , The server is returning a fake certificate, which is causing SSL verification to fail.  # openssl s_client -showcerts -connect api.meraki.com:443 CONNECTED(00000003) depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=21:unable to verify the first certificate verify return:1 Any ideas on what causes this?  ... View more
© 2025 Cisco Systems, Inc.