[SR-Users] SSL Certificate (Second Try)

Pavel Kasparek pavel at iptel.org
Tue Aug 2 09:24:34 CEST 2016


Hello,

thanks for reporting. There are actually two problems: the certificate
was expired, and uses SHA1 which some browsers already started
considering obsolete. There is now renewed certificate (valid for one
year from now). But unfortunately we can't create it with newer
signature algorithm than SHA1 yet (as the software we use to manage
iptel CA does not support it yet, looks like the browsers started
considering SHA1 not valid too early), so for now please just add a
security exception. Note: we are considering moving to some real
certificate instead of our own CA soon anyway (as done already e.g. on
the main www.iptel.org site).

With regards
Pavel Kasparek


On 08/02/2016 05:58 AM, JCOT wrote:
> I'm not sure where to send this information so I hope it's okay to share it with the mailing list, as well as the whois registrants:
> 
> I went to register for a new account at https://serweb.iptel.org/user/reg.
> 
> Firefox told me that the SSL certificate was bad. Specifically:
> 
> --
> serweb.iptel.org uses an invalid security certificate. The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure. The certificate expired on 10/22/2014 12:39 AM. The current time is 08/01/2016 09:55 PM.
> --
> 
> Thank you.
> 


-- 
Pavel Kasparek






More information about the sr-users mailing list