Closed thijskh closed 6 years ago
@nicoleharris what's your suggestion on this? Should we try to direct this issue to UNINET or do you suggest we move out of discojuice CDN?
Hi guys,
I've just told Brook, but in any case: UNINETT does not run that. I believe it was Leif who set it up.
The SSLLabs rating has changed, but it is still broken. See: https://www.ssllabs.com/ssltest/analyze.html?d=cdn.discojuice.org&s=99.198.110.253&hideResults=on section "Handshake Simulation". Current settings do not work with either Firefox or Chrome.
I've asked Leif to investigate and come up with a solution. It's a samlbits issue. If they can find a fix, I will update
It's got an A
now and it looks like it's pretty strict.
In any case I can connect to it with latest Firefox and Chrome etc.
Yes, SSL-wise it works now. Thanks!
I do get an error 500 on https://met.refeds.org/saml2/acs/
, but probably should file a separate issue about that…
Correct!
When I try to login to MET I cannot select my IdP. This seems to be caused by MET using something called
cdn.discojuice.net
which has an extremely insecure SSL config. So insecure that stock Firefox plainly refuses to connect to it.See: https://www.ssllabs.com/ssltest/analyze.html?d=cdn.discojuice.org&s=99.198.110.253&hideResults=on