|
|
Subscribe / Log in / New account

Bad "EEVDF technical report" link

Bad "EEVDF technical report" link

Posted Jun 2, 2025 17:17 UTC (Mon) by knewt (subscriber, #32124)
In reply to: Bad "EEVDF technical report" link by wt
Parent article: Reports from OSPM 2025, day three

> My browser reports a mismatch between the domain name and the certificate.

I've just run the site through the SSL Labs tester, and I believe I can see what's going on here.

The test summary reports that the server's certificate chain is incomplete. Investigating further into the detail, it looks like an intermediate certificate (InCommon RSA Server CA, issued by USERTrust) expired back in October of 2024. There is now a replacement for that certificate (InCommon RSA Server CA 2, which the tester was able to obtain), but the web server is still providing the expired intermediate instead.

My guess would be that systems which happen to have the newer intermediate will access the site without complaint, but any client that doesn't - and which correctly verifies the certificate path - will report an error. Completely properly and reasonably mind you, in the modern world.

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds