Hey, Facebook! Renew Your SSL Certificate!


Apparently, Facebook, Inc is getting too big and they forgot to renew their SSL certificate.

An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured web site, the SSL certificate enables an encrypted connection. It’s kind of like sealing a letter in an envelope before sending it through the mail. — Thawte

Facebook asked me to import Mac Address Book contacts to find my friends on Facebook. The Java importer launched on my Mac and asked for my permission. I checked the security certificate and found that, guess what, the SSL certificate had expired.

The Facebook SSL certificate was issued by Thawte and expired at October 15, 2010. It has been 10 days now and not renewed yet!

Share this:

  • weird… it shows the expiry date is 23Nov2010 on my browser.

    • Ya, weird. Different for Mac? :-/
      I just tried again before publish this article. Still same date and expired.

      • They’re using some kind CDN, perhaps thats was the reason.

  • maybe SSLMITM attack?

  • Looks like they’re using Digicert on mine. Expiring November 23 2010. Strange.

  • Dan Forward

    The Thawte certificate is a code-signing certificate, which they use to sign their Java code. The certificate seen in a browser is an SSL certificate, which comes from DigiCert.

  • Maarije Adnan

    plz help me to install security certificate