Strange Cloudflare Cert on www.opencsw.org
ihsan at opencsw.org
ihsan at opencsw.org
Sun Apr 23 16:55:20 CEST 2017
Hi Dago,
> I noticed that our package propagation is broken because the buglist could not be retreived
> by the go program from https://www.opencsw.org/buglist/json
>
> The cert from Cloudflare can not be viewed by our current openssl, maybe the ciphers are
> too new?
>
>
> web at web [web]:/home/web/bin/gar/go > openssl s_client -connect www.opencsw.org:443 -showcerts
> CONNECTED(00000004)
> 18446744071545616348:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:757:
You have to use SNI. All browsers are doing that by default, but with OpenSSL you have to specify it first:
$ openssl s_client -servername www.opencsw.org -connect www.opencsw.org:443 -showcerts
-Ihsan
--
ihsan at dogan.ch http://blog.dogan.ch/
More information about the buildfarm
mailing list