Closed guaka closed 4 months ago
maybe related:
The SSL certificate of nostr.zebedee.cloud:443
(vulgo "https://nostr.zebedee.cloud") is not valid for that domain:
wget -O /dev/null 'https://nostr.zebedee.cloud'
:
[...]
The certificate's owner does not match hostname ‘nostr.zebedee.cloud’
openssl s_client -showcerts -connect nostr.zebedee.cloud:443
:
Connecting to 24.199.71.187
CONNECTED(00000003)
depth=2 C=US, O=Internet Security Research Group, CN=ISRG Root X1
verify return:1
depth=1 C=US, O=Let's Encrypt, CN=R3
verify return:1
depth=0 CN=names-hub.com
verify return:1
---
Certificate chain
0 s:CN=names-hub.com
i:C=US, O=Let's Encrypt, CN=R3
a:PKEY: id-ecPublicKey, 256 (bit); sigalg: RSA-SHA256
v:NotBefore: Jan 13 01:10:16 2024 GMT; NotAfter: Apr 12 01:10:15 2024 GMT
1 s:C=US, O=Let's Encrypt, CN=R3
i:C=US, O=Internet Security Research Group, CN=ISRG Root X1
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Sep 4 00:00:00 2020 GMT; NotAfter: Sep 15 16:00:00 2025 GMT
2 s:C=US, O=Internet Security Research Group, CN=ISRG Root X1
i:O=Digital Signature Trust Co., CN=DST Root CA X3
a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
v:NotBefore: Jan 20 19:14:03 2021 GMT; NotAfter: Sep 30 18:14:03 2024 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=CN=names-hub.com
issuer=C=US, O=Let's Encrypt, CN=R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4144 bytes and written 407 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 4A5E87DE3F51C88DA52A1D1CF05FDBCF93AA7E8BD8849A37DE2FFD3DE50BCBE0
Session-ID-ctx:
Resumption PSK: 8E921F4BA5CF408EFB331F7B019AA604FEC8A6119866EF5929808696942B77A835BE1E321DB3634B6C694EE72E75338A
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 86400 (seconds)
TLS session ticket:
0000 - 33 6d 15 5c 0f 90 6b f8-fa 18 10 05 ee 1a d2 7e 3m.\..k........~
0010 - bc b2 dc 65 c1 e8 01 ac-46 e6 8e 57 45 ee 0f 96 ...e....F..WE...
Start Time: 1709112852
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 3002C1DC200DD27AB0663F8A5712AFABBCBD80827F1D24C77A877D081C7BA4C8
Session-ID-ctx:
Resumption PSK: 889638768CBD4D2B72A11F6C894CD4C88FF8DC4719027FEFAE8163DDAB1A85143281732B5691CAE3895B8CA7F5300580
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 86400 (seconds)
TLS session ticket:
0000 - 5f eb 88 3d 34 4b 64 d0-cb e6 b4 1e 41 bc a4 87 _..=4Kd.....A...
0010 - 16 44 f7 92 f6 06 0b b7-c7 0e 54 56 d6 b8 0a 58 .D........TV...X
Start Time: 1709112852
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
I don't get the context of this bug report. What conditions produce this error? Why do we care?
@guaka can we close this?
Firefox can’t establish a connection to the server at wss://nostr.zebedee.cloud/.