The SSL cert for the MathJax CDN is invalid and URL is not protocol agnostic

[joelhullcio]

The SSL cert for this URL is invalid: https://cdn.mathjax.org/mathjax/latest/MathJax.js
I realize the notebook code uses http:// for this url but our site uses https:// so when a notebook requests the MathJax.js file it gives an insecure content error.

However, when I hit the URL with https:// it gives an invalid certificate error.

I realize there is an https CDN at Rackspace but notebook only uses it when a certfile is present. We host the notebook for many users so maintaining a certfile in the profile is not practical.

1> Can you install a valid cert for cdn.mathjax.org?
2> Can you make the CDN URL protocol agnostic so it will use the same protocol as the site that is hosting it. In other words, remove the http from the beginning of the URL so it starts with just the two slashes, like this:

   //cdn.mathjax.org/mathjax/latest/MathJax.js

[minrk]

1. I think there's a reason cdn.mathjax.org can't get a valid certfile, otherwise they would already serve https from there.
2. We can't use //cdn.mathjax.org/mathjax/latest/MathJax.js, because it doesn't have a valid certificate.

There are two fairly easy configuration solutions:

1. You can set the mathjax url configurable in your own custom deployment, it's just:

   c.NotebookApp.mathjax_url = 'https://c328740.ssl.cf1.rackcdn.com/mathjax/latest/MathJax.js'

2. Or you can ship your own copy of mathjax, and serve it from the same server (many people serve mathjax locally on their own laptop, since it's much faster than using a CDN).

[ellisonbg]

@minrk do you think we can close this?

[minrk]

This is actually fixed. We serve from the rackcdn url if HTTPS is being used, so the cert works properly.

[pkra]

Please update to https://cdn.mathjax.org -- the Rackspace URL will be retired soon. See http://www.mathjax.org/upcoming-changes-to-the-cdn/ for more information.

[minrk]

@pkra thanks, see #6134.