Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Same issue here, using firefox.

openSSL doesn't complain though:

    sielicki@wetdog ~ $ openssl s_client -connect golang.org:443 -CApath /etc/ssl/certs
    CONNECTED(00000003)
    depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
    verify return:1
    depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
    verify return:1
    depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
    verify return:1
    depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = *.appspot.com
    verify return:1
    ---
    Certificate chain
     0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com
       i:/C=US/O=Google Inc/CN=Google Internet Authority G2
     1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
       i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
     2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
       i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
    ---
    <...>
    Start Time: 1432839068
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
    ---

Makes sense, I guess... firefox/iceweasel don't look at /etc/ssl/certs, they only trust what mozilla puts out.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: