X2Go Bug report logs - #1530
TLS intermediate certificate seems to be "wrong"

Package: wiki.x2go.org; Maintainer for wiki.x2go.org is x2go-dev@lists.x2go.org;

Reported by: Tim Landscheidt <tim@tim-landscheidt.de>

Date: Fri, 5 Mar 2021 00:45:02 UTC

Severity: normal

Done: Mihai Moldovan <ionic@ionic.de>

Bug is archived. No further changes may be made.

Full log


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

Received: (at submit) by bugs.x2go.org; 5 Mar 2021 00:43:44 +0000
From tim@tim-landscheidt.de  Fri Mar  5 01:43:38 2021
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=3.0 tests=BAYES_50,SPF_HELO_NONE,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2
Received: from andalucia.tim-landscheidt.de (andalucia.tim-landscheidt.de [IPv6:2a01:4f8:1c1c:d4d0::1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 9E8925DA8B
	for <submit@bugs.x2go.org>; Fri,  5 Mar 2021 01:43:37 +0100 (CET)
Received: from dslb-084-060-155-122.084.060.pools.vodafone-ip.de ([84.60.155.122]:54564 helo=passepartout.tim-landscheidt.de)
	by andalucia.tim-landscheidt.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.89)
	(envelope-from <tim@tim-landscheidt.de>)
	id 1lHyZ7-0001vc-24
	for submit@bugs.x2go.org; Fri, 05 Mar 2021 01:43:37 +0100
From: Tim Landscheidt <tim@tim-landscheidt.de>
To: submit@bugs.x2go.org
Subject: TLS intermediate certificate seems to be "wrong"
Organization: http://www.tim-landscheidt.de/
Date: Fri, 05 Mar 2021 00:43:36 +0000
Message-ID: <87wnumfn0n.fsf@passepartout.tim-landscheidt.de>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Package: wiki.x2go.org

While checking URLs with LWP/curl, I noticed that
wiki.x2go.org fails:

| [tim@passepartout ~]$ curl https://wiki.x2go.org/
| curl: (60) SSL certificate problem: unable to get local issuer certificate
| More details here: https://curl.haxx.se/docs/sslcerts.html

| curl failed to verify the legitimacy of the server and therefore could not
| establish a secure connection to it. To learn more about this situation and
| how to fix it, please visit the web page mentioned above.
| [tim@passepartout ~]$

Staring at "openssl s_client -connect wiki.x2go.org:443",
https://www.ssllabs.com/ssltest/analyze.html?d=wiki.x2go.org
and https://letsencrypt.org/certificates/ suggests to a
layman that the server certificate is signed by the R3
certificate, but the X3 certificate is sent along?


Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Mar 28 12:06:08 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.