C'est trolldi ?
allez
openssl s_client -connect pop.orange.fr:995
Server certificate
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIQD8X+2HVPyiQK2DWK3Q32gDANBgkqhkiG9w0BAQUFADCB
tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQxMDAz
MDAwMDAwWhcNMTUxMjEyMjM1OTU5WjB0MQswCQYDVQQGEwJGUjERMA8GA1UECAwI
QnJldGFnbmUxGDAWBgNVBAcMD0Nlc3Nvbi1TZXZpZ27DqTEPMA0GA1UECgwGT3Jh
bmdlMQ8wDQYDVQQLDAZPcmFuZ2UxFjAUBgNVBAMMDXBvcC5vcmFuZ2UuZnIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLXvrGoE2zxzeXHszHFFExxQS/
gI6O29iyP7LcHpvR20iNxrUedZ+pe4a4N+WWx+8HuX2YSj4kGVyAxg51YDRZIdcW
znvM6EsH4KB9pe4UbJscvVWfF0MoS/u8l/WP5V4Bdj12Xlwrg5Ydg9ovDRIljz/H
YmJ/JukfRprhk5AL/kTO1J20veOc/jbDK7P3tQGKIKfeEx69hnU3i33QJUBVVMIG
adOWC+UqLVStWVj+9pEhZb+ryvKOzu24Gls9U3DbcjY/fFSIp8v4RrBD0E4TqsVC
A9QQ75agoTt0obsiQZg2fzaB+TwCqVPNb2EOjsatQUvhOF5Ihrfu6qFwHSdbAgMB
AAGjggF2MIIBcjAoBgNVHREEITAfgg1wb3Aub3JhbmdlLmZygg5wb3Aud2FuYWRv
by5mcjAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYB
BQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0
dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFA1EXBZTRMGCfh0gqyX0
AWPYvnmlMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zZC5zeW1jYi5jb20vc2Qu
Y3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NkLnN5bWNk
LmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NkLnN5bWNiLmNvbS9zZC5jcnQwDQYJ
KoZIhvcNAQEFBQADggEBAGNKPujBKLjpnW8SytpJ+rJt9vqNWMbpdyTd4W7pf3w4
IpdjxHqdiw2V+bsDTefSP2oxAzL4HwDGfN4wHbZYuP9yYfMMvCRzDOXcGb5Qk1JC
+hqhs7I1cuu9s1cJtyqhfuJM5UlFd5Rnofiqh0BVMhzUs3bEHeJAaxRTp9S6nWdC
FyMm6gJ+inTFyldiXr2dYGv2cAkKfejbIsgOTXovGihN398PPwCb6jzW4aGzZVvy
04aL3q7SIcvl5amt724b7grE5DOXT7fyfKtO4H5LqCtS+mPp+TPewePkmhGGRZzW
27bHEhzWpDsQuWaQUTHT4l13lb/1y5mqtOmQHYmGBtw=
-----END CERTIFICATE-----
et la version texte :
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c5:fe:d8:75:4f:ca:24:0a:d8:35:8a:dd:0d:f6:80
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network,
OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class
3 Secure Server CA - G3
Validity
Not Before: Oct 3 00:00:00 2014 GMT
_*Not After : Dec 12 23:59:59 2015 GMT*_
Subject: C=FR, ST=Bretagne, L=Cesson-Sevign\xC3\xA9, O=Orange,
OU=Orange, CN=pop.orange.fr
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cb:5e:fa:c6:a0:4d:b3:c7:37:97:1e:cc:c7:14:
51:31:c5:04:bf:80:8e:8e:db:d8:b2:3f:b2:dc:1e:
9b:d1:db:48:8d:c6:b5:1e:75:9f:a9:7b:86:b8:37:
e5:96:c7:ef:07:b9:7d:98:4a:3e:24:19:5c:80:c6:
0e:75:60:34:59:21:d7:16:ce:7b:cc:e8:4b:07:e0:
a0:7d:a5:ee:14:6c:9b:1c:bd:55:9f:17:43:28:4b:
fb:bc:97:f5:8f:e5:5e:01:76:3d:76:5e:5c:2b:83:
96:1d:83:da:2f:0d:12:25:8f:3f:c7:62:62:7f:26:
e9:1f:46:9a:e1:93:90:0b:fe:44:ce:d4:9d:b4:bd:
e3:9c:fe:36:c3:2b:b3:f7:b5:01:8a:20:a7:de:13:
1e:bd:86:75:37:8b:7d:d0:25:40:55:54:c2:06:69:
d3:96:0b:e5:2a:2d:54:ad:59:58:fe:f6:91:21:65:
bf:ab:ca:f2:8e:ce:ed:b8:1a:5b:3d:53:70:db:72:
36:3f:7c:54:88:a7:cb:f8:46:b0:43:d0:4e:13:aa:
c5:42:03:d4:10:ef:96:a0:a1:3b:74:a1:bb:22:41:
98:36:7f:36:81:f9:3c:02:a9:53:cd:6f:61:0e:8e:
c6:ad:41:4b:e1:38:5e:48:86:b7:ee:ea:a1:70:1d:
27:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
DNS:pop.orange.fr, DNS:pop.wanadoo.fr
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client
Authentication
X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.54
CPS: https://d.symcb.com/cps
User Notice:
Explicit Text: https://d.symcb.com/rpa
X509v3 Authority Key Identifier:
keyid:0D:44:5C:16:53:44:C1:82:7E:1D:20:AB:25:F4:01:63:D8:BE:79:A5
X509v3 CRL Distribution Points:
Full Name:
URI:http://sd.symcb.com/sd.crl
Authority Information Access:
OCSP - URI:http://sd.symcd.com
CA Issuers - URI:http://sd.symcb.com/sd.crt
Signature Algorithm: sha1WithRSAEncryption
63:4a:3e:e8:c1:28:b8:e9:9d:6f:12:ca:da:49:fa:b2:6d:f6:
fa:8d:58:c6:e9:77:24:dd:e1:6e:e9:7f:7c:38:22:97:63:c4:
7a:9d:8b:0d:95:f9:bb:03:4d:e7:d2:3f:6a:31:03:32:f8:1f:
00:c6:7c:de:30:1d:b6:58:b8:ff:72:61:f3:0c:bc:24:73:0c:
e5:dc:19:be:50:93:52:42:fa:1a:a1:b3:b2:35:72:eb:bd:b3:
57:09:b7:2a:a1:7e:e2:4c:e5:49:45:77:94:67:a1:f8:aa:87:
40:55:32:1c:d4:b3:76:c4:1d:e2:40:6b:14:53:a7:d4:ba:9d:
67:42:17:23:26:ea:02:7e:8a:74:c5:ca:57:62:5e:bd:9d:60:
6b:f6:70:09:0a:7d:e8:db:22:c8:0e:4d:7a:2f:1a:28:4d:df:
df:0f:3f:00:9b:ea:3c:d6:e1:a1:b3:65:5b:f2:d3:86:8b:de:
ae:d2:21:cb:e5:e5:a9:ad:ef:6e:1b:ee:0a:c4:e4:33:97:4f:
b7:f2:7c:ab:4e:e0:7e:4b:a8:2b:52:fa:63:e9:f9:33:de:c1:
e3:e4:9a:11:86:45:9c:d6:db:b6:c7:12:1c:d6:a4:3b:10:b9:
66:90:51:31:d3:e2:5d:77:95:bf:f5:cb:99:aa:b4:e9:90:1d:
89:86:06:dc
Rebooter la box peut peut être arranger les choses oui :)
Le 23/12/2014 12:38, Carroussel Informatique a écrit :
Bonjour à tous, et bonnes fêtes, un peu en avance.
J’espère que ma question ne sera pas trop "Hors sujet", voila :
Depuis quelques jours, Thunderbird rouspète que la connexion avec
pop.orange via SSL n'est pas sécurisée, car le certificat est invalide.
Renseignement pris. Le certificat expirait le 12/12/2014, oups ! ^^'
Néanmoins, ça marche quand même, je reçoit correctement la pub, les
newsletters, la liste FRNOG, et ce qui est le plus important, le spam
! :-)
Un fil de discussion a été ouvert sur le forum "communauté orange"
(http://communaute.orange.fr/t5/mon-mail-Orange/Certificat-expir%C3%A9-dans-Thunderbird/td-p/451122
) mais les réponses données ne me semblent pas très satisfaisantes.
(Changer de navigateurs pour Chrome, rebooter la livebox, oui, bon...)
Je ne vois pas ce que cela changera au niveau du certificat, mais peut
être je me trompe...
Dans ce cas, corrigez moi, je suis ici pour m'instruire.
Est ce que quelqu'un a des information à ce sujet ?
Merci, et bonnes fêtes à tout ceux qui seront d'astreinte demain soir...
Etienne
---------------------------
Liste de diffusion du FRnOG
http://www.frnog.org/
---------------------------
Liste de diffusion du FRnOG
http://www.frnog.org/
