Attention

New x509 SSL Certificates is now available for download.

Summary

Metapack places significant focus on platform availability, performance and security. As part of our SSL Certificate solution, we renew certs annually.
The current certs for metapack.com and metapack.net are due for renewal on June 18th 2025 at 00:59 BST.
We will be updating the certificate prior to this deadline and replace the certificate on June 10th 2025 at 06:00 BST.

You will need to update this certificate if your systems do not allow for automatic certificate updates.
Furthermore if you also install the *.metapack.net x509 certificate locally and it is not configured to auto update, you must manually install the newly renewed *.metapack.net Certificate

What do you need to do?

MetaPack advises customers to follow best practice guidelines for SSL Certificates, by including Root and Intermediate Certificates in all applications and hardware that support X.509 certificate functionality, including Internet browsers, operating systems etc.

To install the X509 and intermediate certificate locally please follow the instruction below.

Steps to install SSL Certificates

This is a simple guide on how to download and import the ssl certificates.
Alternately you may use want download the certificate from the Certification Authority's(CA) website directly. However you may need to convert the certificate to a format that is compatible with the import tool of choice. MetaPack's CA is Digicert.

The Root and Intermediate Certificate can be downloaded here: https://www.digicert.com/digicert-root-certificates.htm#intermediates
Please use DigiCert Global Root G2 (for Root) and DigiCert Global G2 TLS RSA SHA256 2020 CA1 (for intermediate):

Root Certificate

DigiCert Global Root G2

Valid until: 15 Jan 2038
Serial #: 03:3A:F1:E6:A7:11:A9:A0:BB:28:64:B1:1D:09:FA:E5
Thumbprint: DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4

Demo Sites for Root:

Active Certificate | expired | revoked

Download

Intermediate Certificate

DigiCert Global G2 TLS RSA SHA256 2020 CA1

Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid until: 29th Mar 2031
Serial #: 0c:f5:bd:06:2b:56:02:f4:7a:b8:50:2c:23:cc:f0:66
Thumbprint: 1B:51:1A:BE:AD:59:C6:CE:20:70:77:C0:BF:0E:00:43:B1:38:26:12

Download

x509 Certificate

MetaPack SSL certificate (PEM Format)

Issuer: DigiCert (*.pem format)
Valid until: 20 June 2026 at 00:59:59

Download

x509 Certificate

MetaPack SSL certificate (CRT Format)

Issuer: DigiCert (*.crt format)
Valid until: 20 June 2026 at 00:59:59

Download

x509 Certificate

MetaPack SSL certificate (CER Format)

Issuer: DigiCert (*.cer format)
Valid until: 20 June 2026 at 00:59:59

Download

Install SSL Certificates - Windows

Download the certificate attached above.
Right-click ‘Start’ and select ‘Run’.
Type in ‘mmc’ and click ‘OK’.
On the ‘User Account Control’ screen click ‘Yes’.
Once ‘Microsoft Management Console’ opens click ‘File’ and select ‘Add/Remove Snap-in’.
In the left menu select ‘Certificates’ and click ‘Add’.
On the next screen click the radio button next to ‘Computer account’ and click ‘Next’.
Click ‘Finish’.
Once you are returned to the ‘Add or Remove Snap-ins’ screen click ‘OK’.
In the Microsoft Management Console’ window click on ‘Certificates (Local Computer)’.
Right-click on ‘Trusted Root Certificate Authorities’ in the left pane and select ‘All Tasks’ and then ‘Import’.
Click ‘Next’ in the ‘Certificate Import Wizard’.
Browse to where you saved the Securly certificate and select it. Then click ‘Open’.
On the Certificate Store window ensure that it says ‘Trusted Root Certificate Authorities’ and click ‘Next’.
Click ‘Finish’ and then 'OK'
You should see the Securly certificate showing in the certificates folder at this point.

Note: More detailed manual for the SSL Cert installation on Windows can be found here.

Install SSL Certificates - OSX

Download the MetaPack certificate *.pem file from above
Navigate to Finder > Applications > Utilities > Keychain Access
Select ‘System’ in the left-hand column.
Open ‘File > Import Items’ and import the certificate files into the ‘System’ keychain.

Note: More detailed manual for the SSL Cert installation on OSX can be found here.

Import the SSL cert into the Java cacerts Keystore - Linux

Download the MetaPack certificate *.cer file from above
Run following command: keytool -import -alias metapack -file star_metapack_net.cer -keystore exampleraystore

Note: More detailed manual for the Import of the Certificate as a Trusted Certificate here.

Testing new cert in a test environment

In order to tests connections to MetaPack endpoints using the updated SSL cert it is required to modify the hosts file on the machine which tests are running from.

Please edit the hosts file:

Windows:

Getting the IP to use in the hosts file for testing.

ping wildcard.metapack.net.edgekey-staging.net

Output example:

Pinging e3323.b.akamaiedge-staging.net [23.201.224.24] with 32 bytes of data:
Reply from 23.201.224.24: bytes=32 time=23ms TTL=43

Edit the hosts file: C:\Windows\System32\drivers\etc\hosts

Validity Period
Issued On Friday 17 May 2024 at 01:00:00
Expires On Wednesday 18 June 2025 at 00:59:59 GMT

Linux:

dig wildcard.metapack.net.edgekey-staging.net +short

Output example:

e3323.b.akamaiedge-staging.net.
23.47.41.68

/etc/hosts

 
                openssl s_client -showcerts -servername 'ENTER HOSTNAME HERE' -connect 'ENTER HOSTNAME HERE':443 <<< "Q"| openssl x509 -text | grep -iA2 "Validity"


                openssl s_client -showcerts -servername dm.metapack.com -connect dm.metapack.com:443 <<< "Q"| openssl x509 -text | grep -iA2 "Validity"

Output (example)

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G2
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1
verify return:1
depth=0 C = US, ST = Texas, L = Austin, O = Auctane LLC, CN = *.metapack.net
verify return:1
DONE
    Validity
       Not Before: Jun 30 00:00:00 2023 GMT
       Not After : Jun 29 23:59:59 2024 GMT