Active Topics

 


Reply
Thread Tools
Posts: 329 | Thanked: 422 times | Joined on Feb 2011 @ derpton
#11
Let's Encrypt gives out free certificates, there is no excuse not to use SSL.
 

The Following 6 Users Say Thank You to herpderp For This Useful Post:
Posts: 1,288 | Thanked: 4,316 times | Joined on Oct 2014
#12
Originally Posted by Dave999 View Post
Yes, as long as it's small amounts like Jolla tablets scam, but usually don't since most ones have it.

It's also crucial to have a few bankers you can trust

But now I will leave this thread.

So who is Master of the certificates around here?
Doesn't matter , small, large , if you get your credentials, bank act, credit card number stolen.
 

The Following User Says Thank You to nieldk For This Useful Post:
Posts: 123 | Thanked: 268 times | Joined on Dec 2009 @ Helsinki, Finland
#13
NielDK, the expired certificate says:
Subject: C=DE, CN=talk.maemo.org/emailAddress=falk@fourecks.de
 

The Following 4 Users Say Thank You to Tsippaduida For This Useful Post:
Posts: 1,288 | Thanked: 4,316 times | Joined on Oct 2014
#14
Originally Posted by Tsippaduida View Post
NielDK, the expired certificate says:
Subject: C=DE, CN=talk.maemo.org/emailAddress=falk@fourecks.de
Yes, Falk Stern (fstern), is the person for this, I have DMed him.
 

The Following 6 Users Say Thank You to nieldk For This Useful Post:
Posts: 1,808 | Thanked: 4,272 times | Joined on Feb 2011 @ Germany
#15
A new certificate is in place (thanks @warfare!).
 

The Following 11 Users Say Thank You to reinob For This Useful Post:
peterleinchen's Avatar
Posts: 4,117 | Thanked: 8,901 times | Joined on Aug 2010 @ Ruhrgebiet, Germany
#16
Originally Posted by Bundyo View Post
Well, happy MitM then
Originally Posted by nieldk View Post
Hmm that's tempting ...
Niel, are you fooling us?

Or is it only me having 'problems' with that new cert?
PHP Code:
Dem Zertifikat wird nicht vertrautweil das Aussteller-Zertifikat unbekannt ist.

(
Fehlercodesec_error_unknown_issuer
After adding an exception the site gets certified by startcom (on N900).
But on N900, N9 and also Jolla I need to add an exception.

This is what openssl says:
Code:
~ $ openssl s_client -connect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5401:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:



~ $ openssl s_client -servername maemo.org -connect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5405:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:



~ $ openssl s_client -servername maemo.org -bugs  -showcerts  -co
nnect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5448:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
Possibly this helps:
Code:
~ $ openssl s_client -servername www.maemo.org -bugs  -showcerts 
 -connect maemo.org:443
CONNECTED(00000003)
5604:error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112):s23_clnt.c:599:
Something wrong with redirection of the VMs?
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!

Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257

editsignature, http://talk.maemo.org/profile.php?do=editsignature

Last edited by peterleinchen; 2016-08-07 at 20:33.
 

The Following 3 Users Say Thank You to peterleinchen For This Useful Post:
Posts: 1,288 | Thanked: 4,316 times | Joined on Oct 2014
#17
Yes, this certificate is missing on the device.
Same issue on my oneplus x.

https://www.startssl.com/certs/sca.server1.crt

Once that is added the trust issue disappears. Although my oneplus warns that I might be MiTM'led
 

The Following 2 Users Say Thank You to nieldk For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#18
How come I do not have any problems?
__________________
Русский военный корабль, иди нахуй!
 

The Following 2 Users Say Thank You to pichlo For This Useful Post:
Posts: 35 | Thanked: 504 times | Joined on Jan 2013 @ Germany
#19
Originally Posted by peterleinchen View Post
Niel, are you fooling us?

Or is it only me having 'problems' with that new cert?
PHP Code:
Dem Zertifikat wird nicht vertrautweil das Aussteller-Zertifikat unbekannt ist.

(
Fehlercodesec_error_unknown_issuer
Apparently I included the wrong chain certificate in the config - this should be fixed now.

Best,

Falk
__________________
--
We reject kings, presidents and voting.
We believe in rough consensus and running code.
- David Clark
 

The Following 9 Users Say Thank You to fstern For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#20
That still does not explain why I had no problems. On a Jolla and two PCs.
__________________
Русский военный корабль, иди нахуй!
 

The Following 3 Users Say Thank You to pichlo For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 08:58.