On 12/09/2014 12:09 AM, Andrea Pescetti wrote: > Ray Miles wrote: >> When I tried to go to the several FAQ and group forums, there was a warning >> to leave the >> page because of security reasons > > Can you tell us what address were you visiting and what browser you are > using? Our HTTPS certificate may not be understood by very old browsers > (and this is just a warning; you are not actually taking any risk, > simply the browser tells you that it can't guarantee that those pages > are from the OpenOffice project), but if you provide the details we can > check. > > Regards, > Andrea. >
Andrea, You might want to take a closer look at your servers - certs are good but: "This server is vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) and exploitable. Grade set to F." "https://www.ssllabs.com/ssltest/analyze.html?d=forum.openoffice.org" <https://community.qualys.com/blogs/securitylabs/2014/06/13/ssl-pulse-49-vulnerable-to-cve-2014-0224-14-exploitable> The primary servers seem OK: https://www.ssllabs.com/ssltest/analyze.html?d=openoffice.org 192.87.106.229 aurora-2012.apache.org Grade A 54.172.167.43 ec2-54-172-167-43.compute-1.amazonaws.com Grade B "This server accepts the RC4 cipher, which is weak. Grade capped to B" @Ray Miles: Check to see if your browser is listed here: <https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers> If it is, then you should update/upgrade your browser to version that supports TLS1.2. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
