Date: Thu, 14 May 2015 20:02:17 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Patrick Proniewski <patpro@patpro.net> Cc: Anders Gulden Olstad <anders.olstad@modirum.com>, Liste FreeBSD-security <freebsd-security@freebsd.org> Subject: Re: Forums.FreeBSD.org - SSL Issue? Message-ID: <20150514193706.V69409@sola.nimnet.asn.au> In-Reply-To: <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net> References: <CACRVPYOALi-V8D34zeJTYdSwHshYrqtttqVV3=aP8Yb6ZAxfyg@mail.gmail.com> <2857899F-802E-4086-AD41-DD76FACD44FB@modirum.com> <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 14 May 2015 10:28:27 +0200, Patrick Proniewski wrote: > On 13 mai 2015, at 23:18, Anders Gulden Olstad wrote: > > > Qualys report chain issues > > that's pretty odd, because I've checked too just after sending my > reply to the list (message id > A2D58CCB-8B0A-40FF-9ED1-89B698A830DD@patpro.net), and Qualys reported > no issues at all about the chain. That was about 7-8 hours before > your message. > > But well, the global note was B at this time, and now it's A+. They > obviously upgraded TLS from 1.0 to 1.2, ditched support for "old" > browsers, and made other cipher tuning. Good job admins (though I > would have been a bit more conservative about browser support). Well, I can't reach https://forums.freebsd.org/ at all at the moment, my (admittedly ancient, on 8.2) SeaMonkey now consistenly reports: "Data Transfer Interrupted The connection to forums.freebsd.org has terminated unexpectedly. Some data may have been transferred." .. which I found pretty weird as I'd read this post - also not reachable now, of course - at 03:20 this morning, ie 17:20 UTC on 13th May: https://forums.freebsd.org/threads/virtualbox-4-3-26-wont-start.51341/ I checked 'forums.freebsd.org' at https://www.ssllabs.com/ssltest/analyze.html?d=forums.freebsd.org which is currently showing: "The server supports only older protocols, but not the current best TLS 1.2. Grade capped to B." That report also shows "Valid from Tue, 12 May 2015 00:00:00 UTC Valid until Tue, 17 May 2016 23:59:59 UTC (expires in 1 year)" although my successful access at 03:20 this morning above was over 41 hours later than that Server Key and Certificate #1 date. Hopefully a temporary glitch, though I rarely refer to the forums. No similar issue with https://www.freebsd.org/ luckily (a matter of time?) cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150514193706.V69409>