View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001469 | Main CAcert Website | misc | public | 2019-10-11 10:38 | 2020-11-23 09:33 |
Reporter | mcgiwer | Assigned To | Ted | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | needs work | Resolution | open | ||
Platform | Main CAcert Website | OS | Linux (Debian based) | OS Version | stable |
Summary | 0001469: CACert.org certificate issues (with valid root certificates installed) | ||||
Description | 1. when I attempt to open cacert.org website pages, I recieve a following error every time: > Secure Connection Failed > > An error occurred during a connection to cats.cacert.org. SSL peer was unable to negotiate an acceptable set of security parameters. > > Error code: SSL_ERROR_HANDSHAKE_FAILURE_ALERT > > The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. > Please contact the website owners to inform them of this problem." =========== 2. when I'm attempting to issue a client certificate, I recieve a following error: > I didn't receive a valid Certificate Request, please try a different browser. Please repeair above error's ASAP. Thanks | ||||
Steps To Reproduce | Enter the website | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | see: Steps to reproduce | ||||
|
Usually this is caused by the fact that the CAcert root certificates are not installed in the browser, see http://wiki.cacert.org/FAQ/Mess If you have CAcert root certificates installed (and trusted), there are still occasional problems that the old version of the root certificate is somewhere in traffic, which still used MD5 for self-signature, see http://wiki.cacert.org/HowTo/ReplaceCAcertRootCertificate If both of these possible causes are eliminated we'd need to know which browser you are using. |
|
I use Firefox. Maybe it would be a good idea to make the main site load without SSL as default. This would partially solve the problem. On the main website should be a information about need of installing the Root certificates to enter the SSL or install a SSL certificate with donsn't require doing that |
|
I have removed the old and installed new root certificates of CA cert and independant from it: 1. when I attempt to open cacert.org website pages, I recieve a following error every time: > Secure Connection Failed > > An error occurred during a connection to cats.cacert.org. SSL peer was unable to negotiate an acceptable set of security parameters. > > Error code: SSL_ERROR_HANDSHAKE_FAILURE_ALERT > > The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. > Please contact the website owners to inform them of this problem." =========== 2. when I'm attempting to issue a client certificate, I recieve a following error: > I didn't receive a valid Certificate Request, please try a different browser. Please repeair above error's ASAP. Thanks |
Date Modified | Username | Field | Change |
---|---|---|---|
2019-10-11 10:38 | mcgiwer | New Issue | |
2019-10-14 08:09 | Ted | Assigned To | => Ted |
2019-10-14 08:09 | Ted | Status | new => needs feedback |
2019-10-14 08:09 | Ted | Note Added: 0005851 | |
2019-10-14 08:10 | Ted | Priority | immediate => normal |
2019-10-14 08:10 | Ted | Note Edited: 0005851 | |
2019-10-14 09:03 | mcgiwer | Note Added: 0005852 | |
2019-10-14 09:03 | mcgiwer | Status | needs feedback => needs work |
2020-11-23 09:30 | mcgiwer | Note Added: 0005919 | |
2020-11-23 09:33 | mcgiwer | OS | N/A => Linux (Debian based) |
2020-11-23 09:33 | mcgiwer | Summary | Invalid SSL certificate => CACert.org certificate issues (with valid root certificates installed) |
2020-11-23 09:33 | mcgiwer | Description Updated |