[Operators] Operators Digest, Vol 91, Issue 16
Bandie Yip Kojote
bandie at ttygap.net
Thu Oct 29 14:19:09 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The charge free StartSSL certificate gives out certificates with wrong
purpose flags. When I set ejabberd to "require valid certs only" your
server would be blocked.
I made this experience to everyone who has this free StartSSL cert.
Btw to the administrators of xmpp.net: I remember to fix the bug which
abort the test for those who have set "require valid certs only". In
the past we had it working.
On 10/29/2015 02:05 PM, Daniele Ricci wrote:
> Yesterday evening I've replaced the certificate with one issued by
> StartSSL. I now have grade A.
>
> Thanks!
>
> On Thu, Oct 29, 2015 at 1:00 PM, <operators-request at xmpp.org>
> wrote:
>> Interesting. I use a CAcert certificate on wyrddreams.org and the
>> IM Observatory doesn't seem to have any problems with it. I don't
>> see anything obviously wrong in what you pasted, and attempting
>> to connect from here didn't yield anything useful:
>> http://pastebin.com/BBhDJejA
>>
>> This is using OpenSSL 1.0.1f from the Ubuntu repos.
>>
>> JT
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iL4EAREKAGYFAlYyKtZfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDFFMTBDQzEyNzY0RTlBMjc4RTAzMzhDMEQ4
ODhGQjg0MDYwN0UwOTQACgkQ2Ij7hAYH4JTzQQD/bUH4cPlacZXyfUcfFv7bYOpE
FZGYA5kev6VfDAn4QZEA/2cZ2JDfnJAE9Fq0UA3K2/PvEVGPndznlousbvKPRofz
=Qdu6
-----END PGP SIGNATURE-----
More information about the Operators
mailing list