Occasionally over the past few months, devices (phones / computers) on our network have complained about certificate validation failures for well-known sites—GMail, iCloud, GCalendar, and as one can see below, PagerDuty. It looks very much like the modem's cert is being presented to the client, rather than the site's; this gives me the heeby-jeebies. This happens on our computers (all MacOS) and phones (iOS and Android). iOS pictured:
While the user didn't provide much technical detail on this post from 3 years ago on the ATT forums (https://forums.att.com/conversations/at ... f606832ea9), the symptoms being described are similar (also worrying is ATT support's implying that the user should disable some privacy controls in Chrome).
Is there a simple explanation that can account for why this happens? My default reaction is to Be Very Concerned.
While the user didn't provide much technical detail on this post from 3 years ago on the ATT forums (https://forums.att.com/conversations/at ... f606832ea9), the symptoms being described are similar (also worrying is ATT support's implying that the user should disable some privacy controls in Chrome).
Is there a simple explanation that can account for why this happens? My default reaction is to Be Very Concerned.