helpGna! Administration - Support: sr #2881, gna site security certificate not...

 
 
Show feedback again

sr #2881: gna site security certificate not trusted

Submitted by:  None
Submitted on:  Sun 04 Mar 2012 04:09:42 PM UTC  
 
Category: OtherPriority: 5 - Normal
Severity: 3 - NormalStatus: None
Privacy: PublicAssigned to: None
Originator Email: -unavailable-Open/Closed: Open
Operating System: GNU/Linux

Add a New Comment (Rich MarkupRich Markup):
   

You are not logged in

Please log in, so followups can be emailed to you.

 

Sat 28 Apr 2012 12:49:25 PM UTC, comment #1:

(Note: I'm not a Gna administrator, just an interested user)

Depending on your browser, it's normal to get such errors. Gna uses a SSL certificate from cacert.org, whose root CA unfortunately isn't included in many browsers (e.g., Firefox on Windows and Ubuntu Linux).

(This is a bit of a pain; when publishing Gna URLs for use by the general public rather than developers, e.g. for bug reports, I make a point of publishing non-SSL URLs, for this reason. Also, I don't feel I can encourage casual users to create accounts here due to this issue.)

Things you can do about it:

  • Install the appropriate cacert.org root CA in your browser/OS. (This probably means you are trusting cacert.org to verify any SSL website, not just gna.org. Also you have to convince yourself that you're getting the genuine root CA at install time.)
  • Set up a manual exception for gna.org, installing their current certificate in your browser. This would let you be sure that you were talking to the same organisation that you'd registered with, except that you'd have to renew this exception every six months or so when Gna renew their certificate; but it wouldn't change your trust model for sites other than Gna.

Obviously it's up to you to consider the security implications.

(From sr #771, it looks like the previous arrangement was a self-signed certificate, so while still not entirely satisfactory, this is an improvement on that.)

Jacob Nevins <jtn>
Sun 04 Mar 2012 04:09:42 PM UTC, original submission:

Hi,
I was going to register to your site, because I would like to propose a new free sw project.
Using Firefox or or Chrome I get a message saying that the site has a security problem. I copy in the following one of these messages:

The site's security certificate is not trusted!
You attempted to reach gna.org, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site.

Is that normal ?
Thanks,
Kind Regards
Dario

Anonymous

 

(Note: upload size limit is set to 1024 kB, after insertion of the required escape characters.)

Attach File(s):
   
   
Comment:
   

No files currently attached

 

Depends on the following items: None found

Items that depend on this one: None found

 

Carbon-Copy List
  • -unavailable- added by jtn (Posted a comment)
  • -unavailable- added by None (Submitted the item)
  •  

    Do you think this task is very important?
    If so, you can click here to add your encouragement to it.
    This task has 0 encouragements so far.

    Only logged-in users can vote.

     

    Please enter the title of George Orwell's famous dystopian book (it's a date):

     

     

    No Changes Have Been Made to This Item
    Show feedback again

    Back to the top


    Powered by Savane 3.1-cleanup