Portal CDN Certificate Name Invalid Error

While developing a Ghost theme, I encountered an error related to the CDN used by Ghost. When attempting to access the resources served over the CDN, the following error messages were displayed in the browser console:

  1. GET https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js net::ERR_CERT_COMMON_NAME_INVALID

  2. GET https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js net::ERR_CERT_COMMON_NAME_INVALID

I’ve checked other Ghost themes, and they seem to be encountering similar issues as well.

1 Like

It’s working for me, are you behind a proxy or firewall that might be hijacking the CDN?

I have this issue as well. Not sure when it happened, but I just realized it today. And I haven’t touched the code for at least a week, so it’s unlikely that I broke it.

Also, upon checking some of the sites hosted with Ghost, I noticed the same thing — the comments portal isn’t loading and it shows the same issues in Console.

I am having the same issues and I see the problem regardless the hosting. This looks like a certificate problems at JSDelivr. I have notified Ghost.

The following features/services are impacted, at least:

  • Ghost Portal
  • Search
  • Announcement Bar

@vikaspotluri123, is it possible that you are loading the JS files locally and not from the JSDelivr?

I have just had a customer report the same. Not entirely sure yet what’s causing it.

The certificate is looking fine on my end (expiration in October 2024), but posters on Reddit also seem to experience it.

Quick Google search led me to this: Failed to load resource: net::ERR_CERT_COMMON_NAME_INVALID · Issue #18357 · jsdelivr/jsdelivr · GitHub

However, the customer that reported the issue is based in Europe, not in China :thinking:

I have tried visiting the same sites that my customer visited—all of which use JSDelivr. They had an issue, I did not. I also tried it from different machines and could always access the files without issues. Really odd :thinking:

Edit: another interesting piece of the puzzle. Apparently, for some people using a VPN solves the issue. I am not a networking pro, so having trouble trying to figure out what’s causing this…

Thank you very much for all these insights. That confirms it is completely CDN-related.

I have sent Ghost Support a link to this conversation. It does not seem to be Ghost-related, however, in everyone’s interest to solve it.

TO GHOST SUPPORT: We are standby if we can help :slight_smile:

1 Like

Hey folks, there’s a team here at Ghost working on this right now.

We posted an incident update for Ghost(Pro) users. The same issue affects self-hosters too.

jsDelivr is causing console errors, affecting the functionality of the portal and comments sections on some sites. The issue with jsDelivr is noted on their status page and affects certain parts of the world. We are investigating.

2 Likes

Some certificate expired 2 hours ago and users report “half of the Internet is broken” :laughing:

https://community.cloudflare.com/t/jsdelivr-expired-certificate-may-2024/650543

Hi, Thanks for the investigation.
I’m facing the same error and trying to change the cdn.jsdelivr~~ url.
maybe changing subdomain, or use unpkg,
in versions/5.64.0/core/shared/config/defaults.json file
but struggling how to apply the changed settings…

If you need a quick solution, you could actually just disable the CDN from your configuration file (if you’re self-hosting):

1 Like

It started to work for me. :tada:

Folks, can you check on your side?

2 Likes

Exactly. Due to privacy and due to the fact it is a single point of failure.

I believe we cannot avoid a CDN in Ghost long-term, yet it would be interesting to investigate privacy-oriented CDNs (I assume there are good options).

From one of the threads above:

327343098-f4458b8e-e67b-4e98-81c5-bdf6cfc27314

2 Likes

CDN problem is resolved though, without any modification on my side :joy:

1 Like

Happy to hear. Users in Cloudflare and JSDelivr forums have started confirming everything is back to normal. :slight_smile:

Hey, a real-time update from our end…

The status page at jsDelivr is now cleared: https://status.jsdelivr.com/

We are just holding off closing our incident while we wait to see the updates propagate, so we’ll be in monitoring for a while. It might pay to hold off making changes to your self-hosted instances now, but that is your choice of course!

2 Likes

@khoanguyen_st thanks for raising it, great first post :smile:

2 Likes

Thanks for all these responses! My portal is back now :smile:

1 Like