[squid-users] wiki.squid-cache.org has invalid SSL certificate
Walter H.
Walter.H at mathemainzel.info
Sat Jan 23 13:15:29 UTC 2021
On 23.01.2021 13:07, Matus UHLAR - fantomas wrote:
> On 22.01.21 15:32, Alex Rousskov wrote:
>> On 1/22/21 3:10 PM, Walter H. wrote:
>>
>>> https://www.ssllabs.com/ssltest/analyze.html?d=wiki.squid-cache.org
>>> there is an invalid certificate as the intermediate
>>
>> FWIW, I see nothing marked as "invalid" on that page, even after
>> clicking on one of the two servers and expanding the "Certification
>> Paths" group. The "certificate" score is 100%/Green.
>>
>> The service does show one missing intermediate certificate ("certificate
>> chain is incomplete" and "extra download" annotations), which the
>> service was able to successfully download and validated. This extra work
>> reduced our overall score from A to B AFAICT. This is expected per Squid
>> Project NOC AFAICT.
>>
>> It may help if you provide more details about the "invalid" annotations
>> that _you_ see on that report.
>
> this may be obsolete info, both server certificate and intermediate were
> signes last synday (Jan 17).
>
> I have noticed similar problems for some letsencrypt certificates last
> month.
the reason: Let's encrypt changed the interediate, see here:
https://letsencrypt.org/certificates/
https://wiki.squid-cache.org/
got a new SSL certificate but the chain still has the old X3 instead of
R3 ...
Thanks
Walter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3511 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210123/9a25ea13/attachment.bin>
More information about the squid-users
mailing list