On Thu, 06 Aug 2020, Stéphane Glondu wrote: > Le 05/08/2020 à 14:36, Raphael Hertzog a écrit : > >> tracker.debian.org does not seem to respond or responds always empty > >> pages (no error) when I use a client certificate. > > > > I don't have the issue with my own certificate. > > > > I see this in the error log: > > [Wed Aug 05 11:17:05.798925 2020] [ssl:error] [pid 31979:tid > > 140564909500160] [client 80.227.5.106:40019] AH02039: Certificate > > Verification: Error (66): EE certificate key too weak > > [Wed Aug 05 11:59:09.029731 2020] [ssl:error] [pid 31979:tid > > 140565890987776] [client 80.227.5.106:9418] AH02039: Certificate > > Verification: Error (66): EE certificate key too weak > > This is not my IP address.
Looking at your mail headers, I found 152.81.9.54 and I got similar logs: hertzog@ticharich:~$ grep 152.81.9.54 /var/log/apache2/tracker.debian.org-error.log [Thu Aug 06 07:57:16.520838 2020] [ssl:error] [pid 29597:tid 140564724860672] [client 152.81.9.54:55460] AH02039: Certificate Verification: Error (66): EE certificate key too weak [Thu Aug 06 07:57:48.093622 2020] [ssl:error] [pid 29597:tid 140564909500160] [client 152.81.9.54:55462] AH02039: Certificate Verification: Error (10): certificate has expired > When I first encountered the error, I realised my certificate was > expired. Then, I generated a new certificate. I still get the > undesirable behaviour with the new certificate. I'm not sure what else I can do to help you here. I'm putting DSA in copy in case they know what's going on here. I never had such an issue. Did you drop you old certificate and restart your browser? Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog <hert...@debian.org> ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄⠀⠀⠀⠀ Debian Long Term Support: https://deb.li/LTS
