maemo.org - Talk
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Community (https://talk.maemo.org/forumdisplay.php?f=16)
-   -   SSL certificate for talk.maemo.org expired (https://talk.maemo.org/showthread.php?t=97116)

herpderp 2016-08-01 21:17
Re: SSL certificate for talk.maemo.org expired
 
Let's Encrypt gives out free certificates, there is no excuse not to use SSL.

nieldk 2016-08-01 21:20
Re: SSL certificate for talk.maemo.org expired
 
Quote:
Originally Posted by Dave999 (Post 1511495)
Yes, as long as it's small amounts like Jolla tablets scam, but usually don't since most ones have it. :D

It's also crucial to have a few bankers you can trust ;)

But now I will leave this thread.

So who is Master of the certificates around here?
Doesn't matter , small, large , if you get your credentials, bank act, credit card number stolen.

Tsippaduida 2016-08-02 05:41
Re: SSL certificate for talk.maemo.org expired
 
NielDK, the expired certificate says:
Subject: C=DE, CN=talk.maemo.org/emailAddress=falk@fourecks.de

nieldk 2016-08-02 06:10
Re: SSL certificate for talk.maemo.org expired
 
Quote:
Originally Posted by Tsippaduida (Post 1511506)
NielDK, the expired certificate says:
Subject: C=DE, CN=talk.maemo.org/emailAddress=falk@fourecks.de
Yes, Falk Stern (fstern), is the person for this, I have DMed him.

reinob 2016-08-02 19:34
Re: SSL certificate for talk.maemo.org expired
 
A new certificate is in place (thanks @warfare!).

peterleinchen 2016-08-07 20:18
Re: SSL certificate for talk.maemo.org expired
 
Quote:
Originally Posted by Bundyo (Post 1511485)
Well, happy MitM then :)
Quote:
Originally Posted by nieldk (Post 1511489)
Hmm that's tempting ...
Niel, are you fooling us? ;)

Or is it only me having 'problems' with that new cert?
PHP Code:
Dem Zertifikat wird nicht vertrautweil das Aussteller-Zertifikat unbekannt ist.

(Fehlercodesec_error_unknown_issuer
After adding an exception the site gets certified by startcom (on N900).
But on N900, N9 and also Jolla I need to add an exception.

This is what openssl says:
Code:
~ $ openssl s_client -connect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5401:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:



~ $ openssl s_client -servername maemo.org -connect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5405:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:



~ $ openssl s_client -servername maemo.org -bugs  -showcerts  -co
nnect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5448:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
Possibly this helps:
Code:
~ $ openssl s_client -servername www.maemo.org -bugs  -showcerts
 -connect maemo.org:443
CONNECTED(00000003)
5604:error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112):s23_clnt.c:599:
Something wrong with redirection of the VMs?

nieldk 2016-08-07 21:02
Re: SSL certificate for talk.maemo.org expired
 
Yes, this certificate is missing on the device.
Same issue on my oneplus x.

https://www.startssl.com/certs/sca.server1.crt

Once that is added the trust issue disappears. Although my oneplus warns that I might be MiTM'led ;)

pichlo 2016-08-07 21:42
Re: SSL certificate for talk.maemo.org expired
 
How come I do not have any problems?

fstern 2016-08-08 08:22
Re: SSL certificate for talk.maemo.org expired
 
Quote:
Originally Posted by peterleinchen (Post 1511963)
Niel, are you fooling us? ;)

Or is it only me having 'problems' with that new cert?
PHP Code:
Dem Zertifikat wird nicht vertrautweil das Aussteller-Zertifikat unbekannt ist.

(Fehlercodesec_error_unknown_issuer
Apparently I included the wrong chain certificate in the config - this should be fixed now.

Best,

Falk

pichlo 2016-08-08 08:27
Re: SSL certificate for talk.maemo.org expired
 
That still does not explain why I had no problems. On a Jolla and two PCs.


All times are GMT. The time now is 17:22.
Page 2 of 4 1 2 34
Show 40 post(s) from this thread on one page

vBulletin® Version 3.8.8