SSL certificate for talk.maemo.org expired - Page 2 - maemo.org

Active Topics

Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (3)
to SailfishOS by edp17 - 2 hrs, 17 mins ago
The N900 is now 15 years old! (6)
to Nokia N900 by Macros - 1 day, 6 hrs ago
F(x)tec Pro1x (QWERTY) for sale (0)
to Buy & Sell by aln00000 - 1 day, 19 hrs ago
n770 youtube video (0)
to General by nmdv - 5 days, 18 hrs ago
more...

Page 2 of 4

< Prev

Next >

Thread Tools

herpderp	2016-08-01 , 21:17
Posts: 329 \| Thanked: 422 times \| Joined on Feb 2011 @ derpton	#11

Let's Encrypt gives out free certificates, there is no excuse not to use SSL.

Quote & Reply |

The Following 6 Users Say Thank You to herpderp For This Useful Post:
Dave999, juiceme, Macros, MartinK, nieldk, wicket

nieldk	2016-08-01 , 21:20
Posts: 1,293 \| Thanked: 4,319 times \| Joined on Oct 2014	#12

Originally Posted by Dave999

Yes, as long as it's small amounts like Jolla tablets scam, but usually don't since most ones have it.

It's also crucial to have a few bankers you can trust

But now I will leave this thread.

So who is Master of the certificates around here?

Doesn't matter , small, large , if you get your credentials, bank act, credit card number stolen.

__________________
You can still support my work by donation - click here

Quote & Reply |

The Following User Says Thank You to nieldk For This Useful Post:
juiceme

Tsippaduida	2016-08-02 , 05:41
Posts: 123 \| Thanked: 268 times \| Joined on Dec 2009 @ Helsinki, Finland	#13

NielDK, the expired certificate says:
Subject: C=DE, CN=talk.maemo.org/emailAddress=falk@fourecks.de

Quote & Reply |

The Following 4 Users Say Thank You to Tsippaduida For This Useful Post:
juiceme, MartinK, nieldk, reinob

nieldk	2016-08-02 , 06:10
Posts: 1,293 \| Thanked: 4,319 times \| Joined on Oct 2014	#14

Originally Posted by Tsippaduida

NielDK, the expired certificate says:
Subject: C=DE, CN=talk.maemo.org/emailAddress=falk@fourecks.de

Yes, Falk Stern (fstern), is the person for this, I have DMed him.

__________________
You can still support my work by donation - click here

Quote & Reply |

The Following 6 Users Say Thank You to nieldk For This Useful Post:
juiceme, MartinK, peterleinchen, reinob, Tsippaduida, wicket

reinob	2016-08-02 , 19:34
Posts: 1,808 \| Thanked: 4,272 times \| Joined on Feb 2011 @ Germany	#15

A new certificate is in place (thanks @warfare!).

Quote & Reply |

The Following 11 Users Say Thank You to reinob For This Useful Post:
Bundyo, Dave999, eekkelund, juiceme, Macros, mosen, mr_pingu, peterleinchen, Tsippaduida, WilliePre, Win7Mac

	peterleinchen	2016-08-07 , 20:18
	Posts: 4,118 \| Thanked: 8,901 times \| Joined on Aug 2010 @ Ruhrgebiet, Germany	#16

Originally Posted by Bundyo

Well, happy MitM then

Originally Posted by nieldk

Hmm that's tempting ...

Niel, are you fooling us?

Or is it only me having 'problems' with that new cert?

PHP Code:


			
Dem Zertifikat wird nicht vertraut, weil das Aussteller-Zertifikat unbekannt ist.



(Fehlercode: sec_error_unknown_issuer)

After adding an exception the site gets certified by startcom (on N900).
But on N900, N9 and also Jolla I need to add an exception.

This is what openssl says:

Code:

~ $ openssl s_client -connect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5401:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:



~ $ openssl s_client -servername maemo.org -connect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5405:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:



~ $ openssl s_client -servername maemo.org -bugs  -showcerts  -co
nnect maemo.org:443
CONNECTED(00000003)
depth=0 /C=DE/CN=www.maemo.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=DE/CN=www.maemo.org
verify error:num=21:unable to verify the first certificate
verify return:1
5448:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Possibly this helps:

Code:

~ $ openssl s_client -servername www.maemo.org -bugs  -showcerts 
 -connect maemo.org:443
CONNECTED(00000003)
5604:error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112):s23_clnt.c:599:

Something wrong with redirection of the VMs?

__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!

Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257

editsignature, http://talk.maemo.org/profile.php?do=editsignature

Last edited by peterleinchen; 2016-08-07 at 20:33.

Quote & Reply |

The Following 3 Users Say Thank You to peterleinchen For This Useful Post:
juiceme, mr_pingu, nieldk

nieldk	2016-08-07 , 21:02
Posts: 1,293 \| Thanked: 4,319 times \| Joined on Oct 2014	#17

Yes, this certificate is missing on the device.
Same issue on my oneplus x.

https://www.startssl.com/certs/sca.server1.crt

Once that is added the trust issue disappears. Although my oneplus warns that I might be MiTM'led

__________________
You can still support my work by donation - click here

Quote & Reply |

The Following 2 Users Say Thank You to nieldk For This Useful Post:
juiceme, peterleinchen

	pichlo	2016-08-07 , 21:42
	Posts: 6,447 \| Thanked: 20,981 times \| Joined on Sep 2012 @ UK	#18

How come I do not have any problems?

__________________
Русский военный корабль, иди нахуй!

Quote & Reply |

The Following 2 Users Say Thank You to pichlo For This Useful Post:
juiceme, mr_pingu

fstern	2016-08-08 , 08:22
Posts: 35 \| Thanked: 504 times \| Joined on Jan 2013 @ Germany	#19

Originally Posted by peterleinchen

Niel, are you fooling us?

Or is it only me having 'problems' with that new cert?

PHP Code:

Dem Zertifikat wird nicht vertraut, weil das Aussteller-Zertifikat unbekannt ist. (Fehlercode: sec_error_unknown_issuer)

Apparently I included the wrong chain certificate in the config - this should be fixed now.

Best,

Falk

__________________
--
We reject kings, presidents and voting.
We believe in rough consensus and running code.
- David Clark

Quote & Reply |

The Following 9 Users Say Thank You to fstern For This Useful Post:
eekkelund, juiceme, MartinK, mosen, nieldk, panjgoori, peterleinchen, reinob, wicket