From: classabbyamp <classabbyamp@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: Can't connect to tls v1.0 server after update
Date: Thu, 11 Apr 2024 02:09:29 +0200 [thread overview]
Message-ID: <20240411000929.B0A5D21E36@inbox.vuxu.org> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-49793@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 1844 bytes --]
New comment by classabbyamp on void-packages repository
https://github.com/void-linux/void-packages/issues/49793#issuecomment-2048628282
Comment:
then why did the issue not talk about this in the first place?!
anyway, gnutls supports TLSv1, your issue is not TLSv1:
```
gnutls-cli -p 1010 tls-v1-0.badssl.com
|<1>| There was a non-CA certificate in the trusted list: CN=localhost.
Processed 171 CA certificate(s).
Resolving 'tls-v1-0.badssl.com:1010'...
Connecting to '104.154.89.105:1010'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=*.badssl.com', issuer `CN=R3,O=Let's Encrypt,C=US', serial 0x038d399dce3f272a52aa08671d7603ff3741, RSA key 2048 bits, signed using RSA-SHA256, activated `2024-02-21 20:27:20 UTC', expires `2024-05-21 20:27:19 UTC', pin-sha256="JKXtzx/YH0ugREvDDr7Mc1XHuoXKiunCsuUxI6gR2H8="
Public Key ID:
sha1:f18ff011801230f13168e060ed2231106ad03bab
sha256:24a5edcf1fd81f4ba0444bc30ebecc7355c7ba85ca8ae9c2b2e53123a811d87f
Public Key PIN:
pin-sha256:JKXtzx/YH0ugREvDDr7Mc1XHuoXKiunCsuUxI6gR2H8=
- Certificate[1] info:
- subject `CN=R3,O=Let's Encrypt,C=US', issuer `CN=ISRG Root X1,O=Internet Security Research Group,C=US', serial 0x00912b084acf0c18a753f6d62e25a75f5a, RSA key 2048 bits, signed using RSA-SHA256, activated `2020-09-04 00:00:00 UTC', expires `2025-09-15 16:00:00 UTC', pin-sha256="jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0="
- Status: The certificate is trusted.
- Description: (TLS1.0-X.509)-(ECDHE-SECP256R1)-(AES-256-CBC)-(SHA1)
- Session ID: F8:B4:2F:A2:84:D8:A7:CD:57:11:41:12:DB:67:A3:E0:6B:51:D6:F6:95:82:83:F2:00:2F:BB:AB:37:B6:7B:9F
- Options: safe renegotiation,
- Handshake was completed
```
you should probably contact your VPN admin and ask them to update their TLS configuration too
next prev parent reply other threads:[~2024-04-11 0:09 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-10 18:29 [ISSUE] " djaonline
2024-04-10 18:50 ` iFoundSilentHouse
2024-04-10 19:04 ` [ISSUE] [CLOSED] " leahneukirchen
2024-04-10 19:04 ` leahneukirchen
2024-04-10 21:26 ` djaonline
2024-04-10 21:29 ` djaonline
2024-04-10 21:29 ` djaonline
2024-04-10 21:40 ` leahneukirchen
2024-04-10 21:49 ` classabbyamp
2024-04-10 22:49 ` djaonline
2024-04-10 22:56 ` djaonline
2024-04-11 0:09 ` classabbyamp [this message]
2024-04-11 5:23 ` djaonline
2024-04-11 5:23 ` djaonline
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240411000929.B0A5D21E36@inbox.vuxu.org \
--to=classabbyamp@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).