Provider.json isn't downloaded without danger_on set to true
The problem is that we tried to download provider.json using provider's ca.crt certificate instead of the commercial one that page uses.
provider's ca.crt should be used only in api.provider connections
(from redmine: created on 2014-04-23, closed on 2014-04-23)