2014-11-13 15:05 GMT+05:00 Mike Hommey <m...@glandium.org>:
>> Package: iceweasel
>> Version: 31.2.0esr-2~deb7u1
>> Severity: normal
>>
>> Dear Maintainer,
>>
>> My internet provider add url-filtration for https by using self-signed
>> certificates.
>> Google Chrome (from google) and Chromium (from Debian) see it and fail.
>> Iceweasel does nothing, as if cert is valid.
>>
>> I am exec openssl s_client -connect www.youtube.com:443 via filter and
>> direct and attach output
>
> What does it say on
> https://www.pcwebshop.co.uk/ ? If it shows the untrusted screen, what
> does it say under technical details ?

Expired cert and "Parallels Panel" as CN.

> What happens if you run iceweasel with a fresh profile and in safe mode?
> (iceweasel -P -safe-mode)

Was tried before bugreport, nothing changed, www.youtube.com opened
well in iceweasel, when chromium fail with cert error.

New information:
I forgot to save cert before bugreport and take when was write it.
Now i see, that provider change cert, nothing failed in any browser
and new cert was attached to bugreport

I get https://pki.google.com/GIAG2.crt and run:

$ openssl x509 -inform DER -outform PEM -in GIAG2.crt -out GIAG2.pem
$ openssl verify -verbose -CAfile GIAG2.pem cert_filter
cert_filter: OK
$ openssl verify -verbose -CAfile GIAG2.pem cert_direct
cert_direct: OK

Provider beat me and other clients. So, i can't repeat bug now.
Sorry.

-- 
Stanislav


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to