Am 24.10.2013 um 09:02 schrieb Tobias Oberstein <[email protected]>:
>> I just tried to register so I could do that. When I clicked on the register
>> button
>> after filling out the username/password fields my browser (firefox) brought
>> up a notice that the security certificate is invalid because of unavailable
>> issuance chain information. Knowing absolutely nothing about internet
>> security issues I thought I should mention this and ask if this is expected
>> behavior.
>
> I wouldn't call that expected behavior, since
>
> a) the certificate used on twistedmatrix.com contains (as it should)
> intermediate CA certs also (see attachments)
I’m not sure what you mean with “contains”? It certainly *relies* on one but
unfortunately doesn’t send it along (yet):
$ openssl s_client -host www.twistedmatrix.com -port 443
CONNECTED(00000003)
depth=0
/description=S7lbCt7N2R4t9o8J/C=US/CN=www.twistedmatrix.com/[email protected]
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/description=S7lbCt7N2R4t9o8J/C=US/CN=www.twistedmatrix.com/[email protected]
verify error:num=27:certificate not trusted
verify return:1
depth=0
/description=S7lbCt7N2R4t9o8J/C=US/CN=www.twistedmatrix.com/[email protected]
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0
s:/description=S7lbCt7N2R4t9o8J/C=US/CN=www.twistedmatrix.com/[email protected]
i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom
Class 1 Primary Intermediate Server CA
---
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Twisted-Python mailing list [email protected] http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
