Upon visiting that blog.crypto.cat URL, Chrome tells me "Incorrect certificate for host / Error 150 (net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN): The server's certificate appears to be a forgery."
The main crypto.cat page loads fine over HTTPS (certificate has sha1 thumbprint d1aa1c1037202e359f224e407d7f84a0e8a94dd7 which i see is advertised on the erroring blog.crypto.cat page).
Why has the certificate changed? Why did the CA signing the SSL certificate change? Is there any forwarding message signed by the original certificate?
