u can try filing a bug
against apache2-utils asking that ab add IgnoreUnexpectedEOF to the
SSL options. I don't know
what kind of reception that will get if you can't demonstrate it being
a problem on your own site. It's also possible to modify openssl.cnf
to make this option
On Sat, Jan 11, 2025 at 11:17 AM cen wrote:
>
> It seems that ab encounters some kind of an SSL issue with most https sites I
> tried (google, cloudflare proxied sites etc).
>
> Not all, seems to work fine with a personal blog site I host on
> Debian/apache2 se
he.org/
Benchmarking www.google.com (be patient)...SSL read failed (1) - closing
connection
80756A448C7F:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while
reading:../ssl/record/rec_layer_s3.c:322:
This is because some servers drop a connection when they're done rather
than closing it
It seems that ab encounters some kind of an SSL issue with most https
sites I tried (google, cloudflare proxied sites etc).
Not all, seems to work fine with a personal blog site I host on
Debian/apache2 server or with https://www.debian.org/.
Some kind of an SSL issue but searching around I
On 11/26/24 12:59, Mario Marietto wrote:
2)
# apt install nvidia-detect nvidia-driver
You first did an `update`.
Also the wiki at [1] suggest to install other PKGs.
[1]
https://www.reddit.com/r/debian/comments/1h08w9v/ssl_error8002system_libraryno_such/?rdt=41730
--
John Doe
/sign-file sha512
/var/lib/shim-signed/mok/MOK.priv /var/lib/shim-signed/mok/MOK.der
/lib/modules/5.19.0-23-generic/updates/dkms/nvidia.ko
At main.c:298:
- SSL error:8002:system library::No such file or directory:
../crypto/bio/bss_file.c:67
- SSL error:1080:BIO routines::no suc
On Mon, Sep 23, 2024 at 7:13 PM Andrew Wood wrote:
>
> Is there a way to get MariaDB on Bookworm to log verbosely everything
> to do with connection attempts in order to try and debug why a client
> keeps getting error 2026 SSL connection error: protocol version mismatch?
I t
Thanks Andy.
I certainly did reply to the wrong email, apologies to all.
George.
On Tuesday, 24-09-2024 at 08:43 Andy Smith wrote:
Hi,
You seem to have hit reply on the wrong message so this appears in a
different thread. I've attempted to stitch it back to the other thread
with a Referen
Hi,
You seem to have hit reply on the wrong message so this appears in a
different thread. I've attempted to stitch it back to the other thread
with a References: header, but I might have got that wrong. The other
thread started at
.
On Tue, Sep 24, 2024 at 08:23:05AM +1000, George at Clug wrote:
Tuesday, 24-09-2024 at 06:05 Andrew Wood wrote:
Hi
Is there a way to get MariaDB on Bookworm to log verbosely
everything
to do with connection attempts in order to try and debug why a client
keeps getting error 2026 SSL connection error: protocol version
mismatch?
There is currently nothing
Hi
Is there a way to get MariaDB on Bookworm to log verbosely everything
to do with connection attempts in order to try and debug why a client
keeps getting error 2026 SSL connection error: protocol version mismatch?
There is currently nothing being logged on the server other than
On 27/6/24 11:52, Christian Gelinek wrote:
Hi all,
I'm wondering what options I have to connect as a client to a SSL VPN by
Fortinet[0].
Their official client "for Linux" has instructions[1] for CentOS, Fedora
and Ubuntu, although I found a blog[2] documenting the use of the
Hi all,
I'm wondering what options I have to connect as a client to a SSL VPN by
Fortinet[0].
Their official client "for Linux" has instructions[1] for CentOS, Fedora
and Ubuntu, although I found a blog[2] documenting the use of the Ubuntu
package on Debian 12.
Then I
Problem was, /etc/ca-certificates.conf was not regenerated, even with
apt install --reinstall -o
Dpkg::Options::="--force-confask,confnew,confmiss" ca-certificates
Regards
Harri
On Tue, May 14, 2024 at 3:10 PM Harald Dunkel
wrote:
> Hi folks,
>
> is there a sanity check for /etc/ssl/certs included in Bookworm?
> I've got one host with some missing symlinks in this directory, eg.
>
> root@dpcl064:/etc/ssl/certs# ls -al *SSL.com*
>
Am 14.05.2024 um 16:44:05 Uhr schrieb Harald Dunkel:
> is there a sanity check for /etc/ssl/certs included in Bookworm?
Is ca-certificates installed?
If so, reinstall it.
--
kind regards
Marco
Send unsolicited bulk mail to 1715697845mu...@cartoonies.org
Hi folks,
is there a sanity check for /etc/ssl/certs included in Bookworm?
I've got one host with some missing symlinks in this directory, eg.
root@dpcl064:/etc/ssl/certs# ls -al *SSL.com*
ls: cannot access '*SSL.com*': No such file or directory
Other hosts sho
Am Sonntag, 8. Oktober 2023, 17:32:37 CEST schrieb Jeffrey Walton:
> On Sun, Oct 8, 2023 at 7:53 AM Rainer Dorsch wrote:
> > I have one machine on which I see during upgrade messages like:
> >
> > Setting up udev (252.17-1~deb12u1) ...
> > 🔐 Enter passphrase for SS
On Sun, Oct 8, 2023 at 7:53 AM Rainer Dorsch wrote:
>
> I have one machine on which I see during upgrade messages like:
>
> Setting up udev (252.17-1~deb12u1) ...
> 🔐 Enter passphrase for SSL/TLS keys for 192.168.0.30:443 (RSA):
> Setting up linux-image-6.1.0-13-armmp (6.1.
On 08/10/2023 12:53, Rainer Dorsch wrote:
Hello,
I have one machine on which I see during upgrade messages like:
Setting up udev (252.17-1~deb12u1) ...
🔐 Enter passphrase for SSL/TLS keys for 192.168.0.30:443 (RSA):
Setting up linux-image-6.1.0-13-armmp (6.1.55-1) ...
/etc/kernel/postinst.d
Hello,
I have one machine on which I see during upgrade messages like:
Setting up udev (252.17-1~deb12u1) ...
🔐 Enter passphrase for SSL/TLS keys for 192.168.0.30:443 (RSA):
Setting up linux-image-6.1.0-13-armmp (6.1.55-1) ...
/etc/kernel/postinst.d/initramfs-tools
Subject: I have finally figured out how to export Private Key from
Fortigate firewall and successfully install Godaddy Wildcard SSL
certificate in UniFi Cloud Key Gen 2 Plus Network Controller
Good day from Singapore,
Author: Mr. Turritopsis Dohrnii Teo En Ming
Country: Singapore
Date: 26 Oct
On Wed, 26 Oct 2022 at 05:34, Stefan Monnier
wrote:
> > I always contact the manufacturer of the screws used in the products
> > I buy rather than the company who assembled the product using
> > said screws.
>
> Indeed, Ubiquity uses Debian as part of their devices a bit like other
> companies us
On Wed, 26 Oct 2022 at 04:54, chris wrote:
> I always contact the manufacturer of the screws used in the products I buy
> rather than the company who assembled the product using said screws.
>
> :)
>
Lol I don't understand.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Si
On Wed, 26 Oct 2022 at 04:31, Kushal Kumaran wrote:
> On Tue, Oct 25 2022 at 09:56:50 PM, Turritopsis Dohrnii Teo En Ming <
> tdtemc...@gmail.com> wrote:
> > Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL
> > Certificate in UniFi Cloud Key Gen 2 Pl
> I always contact the manufacturer of the screws used in the products
> I buy rather than the company who assembled the product using
> said screws.
Indeed, Ubiquity uses Debian as part of their devices a bit like other
companies use screws. Except AFAIK they don't use Debian as-is, so
getting g
t; tdtemc...@gmail.com> wrote:
> > Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL
> > Certificate in UniFi Cloud Key Gen 2 Plus
> >
> > Good day from Singapore,
> >
> > I am posting here because UniFi Cloud Key Gen 2 Plus is powered by De
On Tue, Oct 25 2022 at 09:56:50 PM, Turritopsis Dohrnii Teo En Ming
wrote:
> Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL
> Certificate in UniFi Cloud Key Gen 2 Plus
>
> Good day from Singapore,
>
> I am posting here because UniFi Cloud Key Gen 2 Plus is
Subject: I have achieved PARTIAL SUCCESS in installing Godaddy SSL
Certificate in UniFi Cloud Key Gen 2 Plus
Good day from Singapore,
I am posting here because UniFi Cloud Key Gen 2 Plus is powered by Debian
GNU/Linux 9.
I have found many reference guides on installing SSL certificate in UniFi
On Fri, Jan 14, 2022 at 08:24:51PM -0500, Karen Lewellen wrote:
> Hi folks,
> In an effort to be part of the solution for my shell service provider, I
> have a question.
> We are getting ssl certificate not trusted errors, which I understand post
> issues at the end of November, c
Hi folks,
In an effort to be part of the solution for my shell service provider, I
have a question.
We are getting ssl certificate not trusted errors, which I understand
post issues at the end of November, can be corrected with new ssl
certificate files.
main issue is in lynx 2.9.dev5
2021-12-05 18:18 GMT+05:00, rhkra...@gmail.com :
> For the last couple of days, when I try to open a link (to a web page) from
> an
> email in my older version of kmail I get a message that says:
>
> Could not connect to host . SSL negotiation failed.
>
> If I paste the same
rhkra...@gmail.com wrote:
> For the last couple of days, when I try to open a link (to a web page) from
> an
> email in my older version of kmail I get a message that says:
>
> Could not connect to host . SSL negotiation failed.
>
> If I paste the same link directly
On Sun, Dec 05, 2021 at 08:18:53AM -0500, rhkra...@gmail.com wrote:
> The kmail I use is an older version Wheezy (1.13.7 in kde 4.8.4)
The fact that something from wheezy fails to interoperate with current-day
TLS web sites is not a surprise at all. Sorry, but this is just *way*
too old to expect
For the last couple of days, when I try to open a link (to a web page) from an
email in my older version of kmail I get a message that says:
Could not connect to host . SSL negotiation failed.
If I paste the same link directly in the address bar of Firefox, the link
works fine.
The kmail I
On Thu, May 20, 2021 at 01:20:08PM +0100, Darac Marjal wrote:
> A great place to start is the SSL Labs Server Test -
> https://www.ssllabs.com/ssltest/analyze.html?d=ojs.lub.lu.se&latest -
> This will perform various handshakes with a HTTPS server a
On Fri, 21 May 2021 06:02:10 +
Bonno Bloksma wrote:
> Hi Celejar,
>
> >>> Although everything works properly for actual (human) users, a
> >>> coworker has informed me that some of his automated tests are
> >>> failing with invalid https certificate errors. I checked and, sure
> >>> enou
Hi Celejar,
>>> Although everything works properly for actual (human) users, a
>>> coworker has informed me that some of his automated tests are
>>> failing with invalid https certificate errors. I checked and, sure
>>> enough, it's not just his tests:
> To elaborate on / add to this: there's
s certificate errors. I checked and, sure enough, it's not
> > just his tests:
> >
> > $ curl https://ojs.lub.lu.se
> > curl: (60) SSL certificate problem: unable to get local issuer certificate
> > $ wget https://ojs.lub.lu.se
> > --2021-05-20 12:54:48--
>
> $ curl https://ojs.lub.lu.se
> curl: (60) SSL certificate problem: unable to get local issuer certificate
> $ wget https://ojs.lub.lu.se
> --2021-05-20 12:54:48-- https://ojs.lub.lu.se/
> Resolving ojs.lub.lu.se (ojs.lub.lu.se)... 130.235.140.198
> Connecting to ojs.lub
Although everything works properly for actual (human) users, a coworker
has informed me that some of his automated tests are failing with
invalid https certificate errors. I checked and, sure enough, it's not
just his tests:
$ curl https://ojs.lub.lu.se
curl: (60) SSL certificate problem: u
t
certificate as a client certificate.
> BTW, the problem showed up first on June 17th.
>> When diagnosing SSL errors I also find it helpful to wireshark the
>> connection to see which side exactly triggers the SSL Alert. That may
>> help highlight the culprit here.
>>
&g
: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 CRL Distribution Points:
:
:
BTW, the problem showed up first on June 17th.
When diagnosing SSL errors I
ertificate, it
>> will fail.
> Certificate verification is optional on my MTA. See the log file.
> AFAICT it ignored the failed certificate check and continued with the
> ssl handshake. *Then* it failed.
Right.
> It would be interesting to know whats written in the log files on
> bux
MTA. See the log file.
AFAICT it ignored the failed certificate check and continued with the
ssl handshake. *Then* it failed.
It would be interesting to know whats written in the log files on
buxtehude. Are there other similar incidents?
Regards
Harri
Reco wrote:
> On Mon, Jul 27, 2020 at 10:43:11AM +0200, Harald Dunkel wrote:
>> I've got a ssl handshake problem with bugs.debian.org on sending an EMail.
>> My mta (OpenBSD 6.7, i.e. libressl) in the office says in its logfile
>>
>> :
>> Jul 27 10:23:39
Hi.
On Mon, Jul 27, 2020 at 10:43:11AM +0200, Harald Dunkel wrote:
> Hi folks,
>
> I've got a ssl handshake problem with bugs.debian.org on sending an EMail.
> My mta (OpenBSD 6.7, i.e. libressl) in the office says in its logfile
>
> :
> Jul 27 1
Hi folks,
I've got a ssl handshake problem with bugs.debian.org on sending an EMail.
My mta (OpenBSD 6.7, i.e. libressl) in the office says in its logfile
:
Jul 27 10:23:37 gate5a smtpd[67056]: d4df9298d18e1596 mta connecting
address=smtp://209.87.16.39:25 host=buxtehude.debian.org
Jul 27
Hello Support!
Any idea how to fix or troubleshoot this vulnerability ?
-vulnerability-
[medium] [6514/101915888/tls-syslog?] IETF X.509 SSL Certificate Signature
e deployed that way.
> There are a couple of other things that
> need to be done for SSL to work (such as enabling the Apache SSL
> module) and it's long enough ago that I did it last that you had better
> look up a few tutorials. If you need to make your web server available
> pub
ttings webpage isn't working whereas
> it was fine a week ago.
>
> It occurs to me I don't really understand how SSL works and if
> problem I have might be to do with that not understanding.
> You can make a self signed certificate, a public, private pair
> Apache says yo
ttings webpage isn't working whereas it was fine a
> week ago.
>
> It occurs to me I don't really understand how SSL works and if problem I
> have might be to do with that not understanding.
> You can make a self signed certificate, a public, private pair
> Apache says yo
me I don't really understand how SSL works and if problem I
have might be to do with that not understanding.
You can make a self signed certificate, a public, private pair
Apache says you can make one and Dovecot says you can make one.
So are these SSL pairs separate things or one thing in
Hello,
The solution is to install libssl1.0-dev instead of libssl-dev of the Debian
repo. Squid don’t support libssl > 1.0.
Tanguy
Hi.
2018-08-22 14:43 GMT+09:00 Reco :
>> [question 1]
>> 'openssl ciphers -v' output ciphers. include SSL protocol version.
>> I have 'SSLv3' by 'openssl ciphers -v'
>> but debian openssl package disable ssl3. by configure option.
>> (
Hi.
On Wed, Aug 22, 2018 at 02:01:23PM +0900, Miwa Susumu wrote:
> Hi all.
>
> [question 1]
> 'openssl ciphers -v' output ciphers. include SSL protocol version.
> I have 'SSLv3' by 'openssl ciphers -v'
> but debian openssl package dis
Hi all.
[question 1]
'openssl ciphers -v' output ciphers. include SSL protocol version.
I have 'SSLv3' by 'openssl ciphers -v'
but debian openssl package disable ssl3. by configure option.
(see configure option in debian/rules file).
my openssl doesn't suppo
On Wed, Jun 13, 2018 at 10:30:52AM -, Dan Purgert wrote:
> Bringing this back to the list, in case anyone else has any
> suggestions ...
>
> culser wrote:
> > gee Dan
> >
> > thank you for such a fast response
> >
> > ok so i am downloading Debian 9.4.0 AMD DVD now.
> >
> > should i upgrade t
Bringing this back to the list, in case anyone else has any
suggestions ...
culser wrote:
> gee Dan
>
> thank you for such a fast response
>
> ok so i am downloading Debian 9.4.0 AMD DVD now.
>
> should i upgrade the existing server or build a new server with the
> new 9.4
Personally, I'd go wit
culser wrote:
> [...]`
> my current Debian is 4.1.2-25, Kernel 2.6.26-2 Amd, Apache 2, Postfix
Debian 4, as in Etch, which has been obsolete for 8 years now?
Yes, yes you absolutely need to upgrade.
--
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PG
In Debian i will need to change over to the TLS secure protocol.
is this done by certificate update or must i also update the software.
in particular i am using Perl to send and receive i believe SSL protocol
now.
my current Debian is 4.1.2-25, Kernel 2.6.26-2 Amd, Apache 2, Postfix
other
I've edited /etc/hosts adding a line where I put the IP address of the
server and the name of site.
Now everything works with SSL :-)
Thank you to all,
Aldo
Il giorno Tue, 20 Feb 2018 21:23:52 +0100
Aldo Maggi ha scritto:
> Thank you for answering!
> I'm really sorry but it s
Thank you for answering!
I'm really sorry but it seems not to be a SSL or Apache problem, today,
while I was away from home and I was using my laptop, I tried to open
my site and I was successful!
So I can open "mysite. com" from outside my Lan but if I try to
connect to "mys
On 2/19/18 2:54 PM, Aldo Maggi wrote:
Thank you for your fast answer!
root@Casa-mia-1:~# lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
apache2 879 root6u IPv6 20270 0t0 TCP *:https (LISTEN)
apache2 948 www-data6u IPv6 20270 0t0 TCP *:https
Thank you for your fast answer!
root@Casa-mia-1:~# lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
apache2 879 root6u IPv6 20270 0t0 TCP *:https (LISTEN)
apache2 948 www-data6u IPv6 20270 0t0 TCP *:https (LISTEN)
apache2 949 www-data6u I
On Mon, Feb 19, 2018 at 06:36:01PM +0100, Aldo Maggi wrote:
> Anyway, now if I browse writing my IP I get the Apache default page
> (the browser tells me, anyway, that the site is unsecure), if I write
> the name of the site I get (traslated from Italian):
> Unable to reach the site
> Connection de
I had my site on my pc and I didn't use SSL, I've bought a small home
server and have decided to move my site there.
I did everything from the beginning (to be frank, with the help of
Google!)
So, I've installed MariaDb, Apache2 and PHP7.x and got to the point to
see the Apache2 de
Hi.
On Sun, Feb 18, 2018 at 07:30:06AM +, Jonathan de Boyne Pollard wrote:
> Reco:
>
> > Browsers do certificate validation, "wrong IP address" would be possible
> > if the third party somehow produced a valid certificate for
> > wiki.debian.org (you have to be a CA *or* the governmen
e borders. This has been a known practice
for many years, and there have been for that time a wide range of
products sold to employers for specifically doing this.
* https://technet.microsoft.com/en-gb/library/ee658156.aspx
* http://cookbook.fortinet.com/why-you-should-use-ssl-
> apt-get install devscripts build-essential fakeroot
> apt-get install libssl-dev libcrypto++-dev libssl1.0-dev
> apt source squid3
>
> cd squid3-3.5.23
> vim debian/rules
> –enable-ssl (add)
> ./configure
> make all
> make install
>
>
> what can be the p
.0-dev
apt source squid3
cd squid3-3.5.23
vim debian/rules
–enable-ssl (add)
./configure
make all
make install
what can be the problem ? what do you recommend ?
root@debian:/usr/local/squid/etc# locate -i ssl_crtd
/home/gokan/squid3-3.5.23/src/ssl/ssl_crtd.8
/home/gokan/squid3-3.5.23/src/ssl/s
21:28, Gokan Atmaca wrote:
>
>> I am getting an error like the following while compiling Squid3. (I
>> want to install it with SSL-BUMP.)
>>
>> What can be the problem ?
>>
>> packages:
>> apt-get install libssl-dev libcrypto++-dev
>> apt-get build-dep
rote:
>
>> I am getting an error like the following while compiling Squid3. (I
>> want to install it with SSL-BUMP.)
>>
>> What can be the problem ?
>>
>> packages:
>> apt-get install libssl-dev libcrypto++-dev
>> apt-get build-dep squid3
>>
On 11.02.2018 21:28, Gokan Atmaca wrote:
> I am getting an error like the following while compiling Squid3. (I
> want to install it with SSL-BUMP.)
>
> What can be the problem ?
>
> packages:
> apt-get install libssl-dev libcrypto++-dev
> apt-get build-dep squid3
Hello
I am getting an error like the following while compiling Squid3. (I
want to install it with SSL-BUMP.)
What can be the problem ?
packages:
apt-get install libssl-dev libcrypto++-dev
apt-get build-dep squid3
apt-get install build-essential sharutils ccze libzip-dev libssl-dev
Hi all,
I use pidgin with XMPP (prosody on the server). Pidgin is the Jessie
version (2.11.0)
My server doesn't have the same hostname as my XMPP id domain, and I
haven't (yet) set up srv records, so I have the Advanced->Connect server
option set to the hostname of my server.
Prosody is configur
as been valid since 2000, and should be present on almost every
> > device. [For reference, google.com is signed by a key which was
> > generated in 2002...]
> >
> > So if it does have an issue with validity, it's an issue which many
> > SSL certificates are goin
have an issue with validity, it's an issue which many
SSL certificates are going to share.
According to themselves:
https://letsencrypt.org/docs/certificate-compatibility/
--
Eduardo M KALINOWSKI
edua...@kalinowski.com.br
ity, it's an issue which many
SSL certificates are going to share.
--
Don Armstrong https://www.donarmstrong.com
They say when you embark on a journey
of revenge
dig two graves.
They underestimate me.
-- a softer world #560
http://www.asofterworld.com/index.php?id=560
vary, pick any big name. You'd probably know what to do already if
> this were a requirement though.
>
We don't need extended validation and if I am not wrong, that can't
apply to our case because we have a wildcard certificate and there is no
specific validation fo
Le 2017-05-28 17:46, Umarzuki Mochlis a écrit :
>>
>>> Recently came to the market some lowcoast ssl certificate providers.
>>> Or free ssl providers. What do you think about them ?
>>
>> I think the best of the free ones is letsencrypt.
>>
>>
Hello sir,
It’s my pleasure that connect with you, I am working as network admin in
reputed web development companies and regularly purchased ssl certificate
for our clients. In the most case, I preferred free ssl certificate from
https://letsencrypt.org/ for basic requirements, otherwise I
>
>> Recently came to the market some lowcoast ssl certificate providers. Or free
>> ssl providers. What do you think about them ?
>
> I think the best of the free ones is letsencrypt.
>
> Cheers,
> Andy
>
> --
> https://bitfolk.com/ -- No-nonsense VP
it is worth your time to get letsencrypt automation
working and just use those, for free.
If you need extended validation for some reason then the costs will
vary, pick any big name. You'd probably know what to do already if
this were a requirement though.
> Recently came to the market some
On Fri, May 26, 2017 at 5:04 PM, kc atgb
wrote:
>
> There are a certain number of certificates providers. The question I have
> is which one do I have to consider ?
> Recently came to the market some lowcoast ssl certificate providers. Or
> free ssl providers. What do you think abo
some lowcoast ssl certificate providers. Or free
ssl providers. What do you think about them ?
And last, when documenting, I found some ssl certificate resealers that can
provide certificates from big authorities for a big discount. But I don't know,
I'm
not used to these practices
On Sat, Apr 15, 2017 at 08:11:13PM +0300, Reco wrote:
Hi,
> AFAIK jessie is the last Debian release that provides curl linked with
> openssl.
We've three flavour of libcurl in the archive and the current "default"
is the one linked against openssl.
libcurl3 - easy-to-use client-side URL transfer
On Thu, Apr 13, 2017 at 09:04:01PM +0100, Darac Marjal wrote:
> It looks[1] like Squid can do SSL Interception. I imagine it should be
> possible, therefore, for squid to perform the HTTPS connection and
> either downgrade it to HTTP or to re-encrypt it with a lower grade. YMMV
Well
It's EVERY single terminal-based browser, and
> >> as you noticed, it gets worse every day.
> >>
> >> Apparently all of the terminal-based browsers in wheezy and jessie are
> >> linked with libgnutls instead of libopenssl, and libgnutls (at least as
> >> provid
t least as
provided by jessie) is completely incapable of forming an SSL connection
with half of the Web.
There's one notable exception to this in jessie and it's called w3m.
$ ldd /usr/bin/w3m | grep ssl
libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
In
libopenssl, and libgnutls (at least as
> provided by jessie) is completely incapable of forming an SSL connection
> with half of the Web.
There's one notable exception to this in jessie and it's called w3m.
$ ldd /usr/bin/w3m | grep ssl
libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
Reco
Greg Wooledge writes:
> Apparently all of the terminal-based browsers in wheezy and jessie are
> linked with libgnutls instead of libopenssl, and libgnutls (at least as
> provided by jessie) is completely incapable of forming an SSL connection
> with half of the Web.
>
> Eve
It looks[1] like Squid can do SSL Interception. I imagine it should be
possible, therefore, for squid to perform the HTTPS connection and
either downgrade it to HTTP or to re-encrypt it with a lower grade. YMMV
[1] http://wiki.squid-cache.org/Features/HTTPS
On 13/04/17 18:01, Greg Wooledge
ngle terminal-based browser, and
as you noticed, it gets worse every day.
Apparently all of the terminal-based browsers in wheezy and jessie are
linked with libgnutls instead of libopenssl, and libgnutls (at least as
provided by jessie) is completely incapable of forming an SSL connection
with half of t
This started out a year or so ago with the occasional site in
which lynx would report that it was unable to establish a TLS
connection with this or that site. The next step on the road to
train reck is that lynx says it's trying an insecure connection
without TLS. That's nice that it tries and on s
On Thu, 09 Mar 2017, Jonathan Dowland wrote:
> On Thu, Mar 09, 2017 at 10:38:32AM +0100, Jorick Astrego wrote:
> > On 03/09/2017 10:36 AM, Jorick Astrego wrote:
> > > Just letting you know the ssl certificate on archive.debian.net "uses
> > > an invalid secur
On Thu, Mar 09, 2017 at 10:38:32AM +0100, Jorick Astrego wrote:
> On 03/09/2017 10:36 AM, Jorick Astrego wrote:
> > Just letting you know the ssl certificate on archive.debian.net "uses
> > an invalid security certificate. The certificate expired on 02/19/2017
> > 05:
On 03/09/2017 10:36 AM, Jorick Astrego wrote:
> Hi,
>
> Just letting you know the ssl certificate on archive.debian.net "uses
> an invalid security certificate. The certificate expired on 02/19/2017
> 05:25 AM. The current time is 03/09/2017 1
Hi,
Just letting you know the ssl certificate on archive.debian.net "uses an
invalid security certificate. The certificate expired on 02/19/2017
05:25 AM. The current time is 03/09/2017 10:32 AM. (Error code:
sec_error_expired_certificate)"
Most people will use archive.debian.org,
On Mon, Nov 28, 2016 at 06:59:38PM +0100, Sven Hartge wrote:
> Henning Follmann wrote:
>
> > Sending is not an imap issue. So you might want look into the MTA (in your
> > case Postfix).
>
> It can be if postfix uses cyrus as authentication source.
>
Since he provided no useful information it
1 - 100 of 1171 matches
Mail list logo
