cloudflare refers NTS users to wrong page
Udo van den Heuvel
udovdh at xs4all.nl
Tue Dec 10 05:18:46 UTC 2019
On 10-12-2019 05:58, Hal Murray wrote:
> openssl s_client -showcerts -quiet time.cloudflare.com:1234
# openssl s_client -showcerts -quiet time.cloudflare.com:1234
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert ECC Secure Server CA
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Cloudflare,
Inc.", CN = time.cloudflare.com
verify return:1
read:errno=0
Look similar to yours I guess.
Yet, I get:
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: DNS lookup of
time.cloudflare.com:1234 took 0.022 sec
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: nts_probe connecting to
time.cloudflare.com:1234 => [2606:4700:f1::123]:123
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: Using TLSv1.3,
TLS_AES_256_GCM_SHA384 (256)
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: certificate subject name:
/C=US/ST=California/L=San Francisco/O=Cloudflare,
Inc./CN=time.cloudflare.com
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: certificate issuer name:
/C=US/O=DigiCert Inc/CN=DigiCert ECC Secure Server CA
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: certificate invalid: 19=>self
signed certificate in certificate chain
Dec 10 05:52:57 s2 ntpd[984825]: NTSc: NTS-KE req to
time.cloudflare.com:1234 took 0.070 sec, fail
Kind regards,
Udo
More information about the devel
mailing list