The expired cert was in my initial email. This is a CA cert. If you go
to https://www.ssllabs.com/ssltest/analyze.html?d=svn.r-project.org
and wait for the analysis, and then expand the certification paths,
then you'll see three possible paths. (For most simulated clients.)
Two are trusted, one is
On Sat, May 30, 2020 at 11:02 PM Jeroen Ooms wrote:
[...]
>
> What you need to do is replace the final certificate with this one
> (just copy-paste the base64 cert): https://crt.sh/?d=1720081 .Then
> restart the server.
You can also export this from Keychain Access on macOS, btw. find
"COMODO RSA
On Sat, May 30, 2020 at 11:40 PM Duncan Murdoch
wrote:
>
> On 30/05/2020 5:23 p.m., Bob Rudis wrote:
> > I've updated the dashboard (https://rud.is/r-project-cert-status/)
> > script and my notifier script to account for the entire chain in each
> > cert.
>
> You never posted which certificate has
On 30/05/2020 5:23 p.m., Bob Rudis wrote:
I've updated the dashboard (https://rud.is/r-project-cert-status/)
script and my notifier script to account for the entire chain in each
cert.
You never posted which certificate has expired. Your dashboard shows
they're all valid, but the download sti
The browsers still shouldn't trust it. The CA cert is expired.
On Sat, May 30, 2020 at 5:23 PM Bob Rudis wrote:
>
> I've updated the dashboard (https://rud.is/r-project-cert-status/)
> script and my notifier script to account for the entire chain in each
> cert.
>
> On Sat, May 30, 2020 at 5:16 P
I've updated the dashboard (https://rud.is/r-project-cert-status/)
script and my notifier script to account for the entire chain in each
cert.
On Sat, May 30, 2020 at 5:16 PM Bob Rudis wrote:
>
> # A tibble: 13 x 1
>site
>
> 1 beta.r-project.org
> 2 bugs.r-project.org
> 3 cran-archive.
It's the top of chain CA cert, so browsers are being lazy and helpful
to humans by (incorrectly, albeit) relying on the existing trust
relationship.
libcurl (et al) is not nearly as forgiving.
On Sat, May 30, 2020 at 5:01 PM peter dalgaard wrote:
>
> Odd. Safari has no problem and says certifica
# A tibble: 13 x 1
site
1 beta.r-project.org
2 bugs.r-project.org
3 cran-archive.r-project.org
4 cran.r-project.org
5 developer.r-project.org
6 ess.r-project.org
7 ftp.cran.r-project.org
8 journal.r-project.org
9 r-project.org
10 svn.r-project.org
11 user2011.r-project.org
12 www.cr
The certificate itself is ok, but some other certificate higher up in
the chain is not. It is possible to have multiple certificate chains,
and only one needs to be successful for to accept the certificate.
Some clients are able to use an alternate chain, so they are fine, but
other clients do not
Odd. Safari has no problem and says certificate expires August 16 2020, but I
also see the download.file issue with 4.0.1 beta:
> download.file("https://www.r-project.org";, tempfile())
trying URL 'https://www.r-project.org'
Error in download.file("https://www.r-project.org";, tempfile()) :
ca
Yep. It should switch to Let's Encrypt with the automated cert renewals ASAP.
On Sat, May 30, 2020 at 4:17 PM Gábor Csárdi wrote:
>
> On macOS 10.15.5 and R-devel:
>
> > download.file("https://www.r-project.org";, tempfile())
> trying URL 'https://www.r-project.org'
> Error in download.file("http
On macOS 10.15.5 and R-devel:
> download.file("https://www.r-project.org";, tempfile())
trying URL 'https://www.r-project.org'
Error in download.file("https://www.r-project.org";, tempfile()) :
cannot open URL 'https://www.r-project.org'
In addition: Warning message:
In download.file("https://ww
12 matches
Mail list logo
