???SSL cert

Gary E. Miller gem at rellim.com
Sat Jun 11 02:12:29 UTC 2016


Yo Amar!

On Sat, 11 Jun 2016 02:02:37 +0000
Amar Takhar <verm at darkbeer.org> wrote:

> On 2016-06-10 18:16 -0700, Gary E. Miller wrote:
> > Yo Webmaster!
> > 
> > Soemthing marginal about the ntpsec.org SSL cert, as seen by
> > Wheezy:  
> 
> I have no idea what's going on.  Our certificate is signed by
> GlobalSign.  I checked from multiple hosts it works fine.

Here are three test sites that agree with me:

    https://www.sslshopper.com/ssl-checker.html#hostname=ntpsec.org

"One of the root or intermediate certificates has expired (115 days ago)"

Ditto:

    https://www.digicert.com/help/

Qualys give the site an F:

    https://www.ssllabs.com/ssltest/analyze.html?d=ntpsec.org

"Chain issues 	Incorrect order, Extra certs"

Cert 2: 

Valid until 	Wed, 17 Feb 2016 16:05:02 UTC (expired 3 months and 24 days ago)   EXPIRED

DROWN (experimental):  	Vulnerable (same key with SSL v2)




RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160610/3dc5aa88/attachment.bin>


More information about the devel mailing list