Igor Kromin |   Consultant. Coder. Blogger. Tinkerer. Gamer.

NOTE: This article is 3 years or older so its information may no longer be relevant. Read on at your own discretion! Comments for this article have automatically been locked, refer to the FAQ for more details.
I've been checking Hilton's website on a regular basis this week (I travel on a weekly basis). For the entirety of this week, it's been giving me an SSL error - Safari can't verify the identity of the website "www3.hilton.com". It looks like the certificate is for a248.e.akamai.net. Now there is no reason not to trust Akamai, but having the wrong certificate for a domain is always a problem.


Update (16-June-2015): It took Hilton 10 days to respond to my email informing them of this issue. The SSL problem persisted for days later and now it looks like they've disabled redirection from http to https sites. When accessing the https site manually, the SSL certificate is still wrong. Two weeks later, it's not fixed properly.


I guess someone installed the wrong certificate when updating Hilton's servers. Ooops, right?!
hiltoncert1.png


The Symantec SSL Toolbox confirms this.
hiltoncert2.png




So for now I will be staying away from Hilton's site for any reservations, at least until they fix their certificate issue.

-i

Skip down to comments...
A quick disclaimer...

Although I put in a great effort into researching all the topics I cover, mistakes can happen. If you spot something out of place, please do let me know.

All content and opinions expressed on this Blog are my own and do not represent the opinions of my employer (Oracle). Use of any information contained in this blog post/article is subject to this disclaimer.
 
comments powered by Disqus
Other posts you may like...