Active Topics

 


Reply
Thread Tools
Posts: 22 | Thanked: 18 times | Joined on Mar 2021
#1
Dear TMO community,


Wanting to browse to https://openrepos.net/content/ancelad/n9-repomirror, the Harmattan browser is unable to open the page. I tried other pages, and I think the ones failing are using Let’s Encrypt certificates. https://letsencrypt.org/ also does not open: „Seite kann nicht geöffnet werden“.

Can you confirm that? Do you know of a workaround?


Kind regards,

PaulePanter
 

The Following User Says Thank You to PaulePanter For This Useful Post:
Posts: 22 | Thanked: 18 times | Joined on Mar 2021
#2
Dear TMO community, offering the package on a local HTTP server worked around the issue. Setting up a proxy might work to. Thanks, PaulePanter
 

The Following User Says Thank You to PaulePanter For This Useful Post:
Posts: 22 | Thanked: 18 times | Joined on Mar 2021
#3
Dear TMO community,


I also found the URL below.

http://maedevu.maemo.org/images/n9/n....7.2_armel.deb

Of course everybody has to decide for themselves if random packages on the Internet should be trusted.


Thanks,

PaulePanter
 

The Following User Says Thank You to PaulePanter For This Useful Post:
peterleinchen's Avatar
Posts: 4,118 | Thanked: 8,901 times | Joined on Aug 2010 @ Ruhrgebiet, Germany
#4
Certificates:
Maybe take a look here:
https://talk.maemo.org/showthread.ph...47&postcount=8

local HTTP:
normally downloading package via PC, putting it on MyDocs and tapping it with the internal file browser works well enough (untrusted software installation allowed in settings).

random packages:
this site is to be trusted (but same concern would apply to all openrepos packages).
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!

Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257

editsignature, http://talk.maemo.org/profile.php?do=editsignature
 

The Following User Says Thank You to peterleinchen For This Useful Post:
Posts: 22 | Thanked: 18 times | Joined on Mar 2021
#5
Dear peterleinchen,


As always thank you for your answer.

Originally Posted by peterleinchen View Post
Certificates:
Maybe take a look here:
https://talk.maemo.org/showthread.ph...47&postcount=8
Thank you. That is probably going to help. I am still a little confused though, why certain pages cannot be opened, while with others I am asked to trust the “invalid” certificate.

Code:
$ curl --tlsv1.1 --http1.1 -I https://letsencrypt.org
HTTP/1.1 200 OK
But I am ask to trust the certificate of https://www.dfn.de (not using Let’s Encrypt).

Originally Posted by peterleinchen View Post
local HTTP:
normally downloading package via PC, putting it on MyDocs and tapping it with the internal file browser works well enough (untrusted software installation allowed in settings).
Thanks. I totally for got about that way. I was so focused on the terminal and not having Wget or curl at my disposal, that I then only thought about the Harmattan browser (which all the guides reference).

Originally Posted by peterleinchen View Post
random packages:
this site is to be trusted (but same concern would apply to all openrep
Indeed, I just trust OpenRepos.net a little more.


Thanks,

PaulePanter
 

The Following User Says Thank You to PaulePanter For This Useful Post:
peterleinchen's Avatar
Posts: 4,118 | Thanked: 8,901 times | Joined on Aug 2010 @ Ruhrgebiet, Germany
#6
Sorry, confused about your dfn.de?

But why some does not open at all and why just claim invalid cert is due to some site require newer tls version than n9 stock browser can handle.
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!

Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257

editsignature, http://talk.maemo.org/profile.php?do=editsignature
 

The Following User Says Thank You to peterleinchen For This Useful Post:
Posts: 22 | Thanked: 18 times | Joined on Mar 2021
#7
Dear peterleinchen,


Originally Posted by peterleinchen View Post
Sorry, confused about your dfn.de?
It was just an example, where the N9 stock browser asks me to trust the certificate, although the root certificate is not trusted.

Originally Posted by peterleinchen View Post
But why some does not open at all and why just claim invalid cert is due to some site require newer tls version than n9 stock browser can handle.
Unfortunately, I am not able to confirm, that it’s TLS version related. The Let’s Encrypt Web site is available using TLS 1.0 and TLS 1.1.

Code:
$ curl --tlsv1.0 --http1.1 -I https://letsencrypt.org
HTTP/1.1 200 OK
Cache-Control: public, max-age=0, must-revalidate
Content-Security-Policy: default-src 'none'; font-src 'self'; style-src 'unsafe-inline' 'self'; script-src 'unsafe-eval' 'unsafe-inline' 'self' data: https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://donorbox.org https://js.stripe.com/v3/ https://sdks.shopifycdn.com ; img-src 'self' data: blob: https://www.google-analytics.com https://www.paypal.com https://www.paypalobjects.com https://ak2s.abmr.net https://ak1s.abmr.net https://www.google.com https://cdn.shopify.com https://v.shopify.com ; frame-src https://donorbox.org https://www.youtube.com https://www.youtube-nocookie.com https://bid.g.doubleclick.net https://js.stripe.com/v3/ https://js.stripe.com/v2/ ; connect-src 'self' https://d4twhgtvn0ff5.cloudfront.net/ https://letsencrypt-merch.myshopify.com https://monorail-edge.shopifysvc.com ;
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Mar 2021 19:53:32 GMT
Etag: "19873a3066d9bf6b89cb7caa96d7f08f-ssl"
Feature-Policy: geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker self; vibrate none; fullscreen self;
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Age: 41554
Content-Length: 31102
Connection: keep-alive
Server: Netlify
X-NF-Request-ID: fa8be451-de71-479d-ac5f-b2bd9453c353-3824212

Thanks,

PaulePanter
 

The Following User Says Thank You to PaulePanter For This Useful Post:
Reply


 
Forum Jump


All times are GMT. The time now is 12:34.