nanog mailing list archives
Re: Google and Coronavirus Tech Handbook
From: Eric Tykwinski <eric-list () truenet com>
Date: Fri, 20 Mar 2020 16:40:26 -0400
Alex, Rob, So I advised to run through Qualsys’s SSL Test: https://www.ssllabs.com/ssltest/analyze.html?d=coronavirustechhandbook.com <https://www.ssllabs.com/ssltest/analyze.html?d=coronavirustechhandbook.com> It’s pretty much fine, I did manually run though LibreSSL 2.6.5 with OSX 10.14.6 and it errors out, but that’s usually an edge case. ____________ eric$ openssl s_client -connect coronavirustechhandbook.com:443 -showcerts -tls1_2 -crlf CONNECTED(00000006) 4526024300:error:14004410:SSL routines:CONNECT_CR_SRVR_HELLO:sslv3 alert handshake failure:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.260.1/libressl-2.6/ssl/ssl_pkt.c:1205:SSL alert number 40 4526024300:error:140040E5:SSL routines:CONNECT_CR_SRVR_HELLO:ssl handshake failure:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.260.1/libressl-2.6/ssl/ssl_pkt.c:585: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Start Time: 1584736646 Timeout : 7200 (sec) Verify return code: 0 (ok) --- Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300
On Mar 20, 2020, at 4:34 PM, Alexandre Petrescu <alexandre.petrescu () gmail com> wrote: please stop writing me private emails, thank you, with due politeness and smiley :-) Alex, LF/HF 2 Le 20/03/2020 à 19:40, Rob Pickering a écrit :On Fri, 20 Mar 2020 at 18:11, Alexandre Petrescu <alexandre.petrescu () gmail com <mailto:alexandre.petrescu () gmail com>> wrote: CA==Certificate Authority the browser makes me questions before allowing me to see the content, after I click the indicated URL LF/HF What root CA list are you using? I'm not at all involved in their hosting, but it looks like they are sitting behind Cloudflare SSL which is trusted by the default CA list of the browser vendor on my desktop. -- Rob Pickering, rob () pickering org <mailto:rob () pickering org>
Current thread:
- Google and Coronavirus Tech Handbook Rob Pickering (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Rob Pickering (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Rob Pickering (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Rob Pickering (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Eric Tykwinski (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Rob Pickering (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)
- Re: Google and Coronavirus Tech Handbook Rob Pickering (Mar 20)
- Re: Google and Coronavirus Tech Handbook Alexandre Petrescu (Mar 20)