Admin dashboard fails to load CDN jquery resources due to SSL cert mismatches (1 post)

  1. Jock
    Posted 3 years ago #

    If you change your self-hosted WordPress install so that it starts using SSL to secure the Admin interface, you may have noticed that some dynamic elements are no longer working, such as the Jetpack site stats graph or the fold out sub-menus on the main menu.

    It seems that this is due to your browser flagging an SSL warning when trying to load certain resources hosted on WordPress's CDN. The specific problem is that the domain name serving the request doesn't match the one on the SSL certificate.

    As a result, the browser gets stuck (silently) at the 'Confirm SSL exception' screen (similar behaviour seen in Firefox 16 and Chrome 22), so the resources do not load.

    Two of the usual culprits are:

    <script type='text/javascript' src='https://s0.wordpress.com/wp-includes/js/spin.js?ver=201244'></script>
    <script type='text/javascript' src='https://s1.wordpress.com/wp-includes/js/jquery/jquery.spin.js?ver=201244'></script>

    For example, https://s1.wordpress.com/ is being served by a CDN. The CDN's server is using an SSL certificate with the common name gp1.wac.edgecastcdn.net. As this doesn't match s1.wordpress.com, the browser complains.

    The way to fix this is to load each of the resources in the browser, so for example paste https://s1.wordpress.com/wp-includes/js/jquery/jquery.spin.js?ver=201244 directly. If a browser warning comes up, ask it to store an exception permanently. You should now find that your Admin dashboard works correctly.

    It would also be great if the WordPress CDN servers could use SSL certificates with the right common name on so that the browsers don't complain in the first place!

Topic Closed

This topic has been closed to new replies.

About this Topic