Closed ngorskikh closed 2 years ago
This would have been a useful test case for me as well, please fix.
This is currently impossible to serve in nginx, as the server will refuse to start as it sees the cert and private key mismatch and aborts. See https://github.com/chromium/badssl.com/pull/443#issuecomment-784556007 for more context.
I should fully remove it so that this stops tripping people who see it and wish it worked.
The prod server was missing the commit from #470. Fixed so this should no longer show on the homepage listing.
@christhompson However it still shows as the last item on Dashboard, leading people to open new issues as #503 :( — seems the https://badssl.com/dashboard/sets.js wasn't deployed back then.
Looks like the server is misconfigured:
curl -o /dev/null -sv -k https://reversed-chain.badssl.com/
``` * Trying 104.154.89.105:443... * Connected to reversed-chain.badssl.com (104.154.89.105) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem * CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): } [239 bytes data] * TLSv1.2 (IN), TLS handshake, Server hello (2): { [108 bytes data] * TLSv1.2 (IN), TLS handshake, Certificate (11): { [1278 bytes data] * TLSv1.2 (IN), TLS handshake, Server key exchange (12): { [333 bytes data] * TLSv1.2 (IN), TLS handshake, Server finished (14): { [4 bytes data] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): } [70 bytes data] * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): } [1 bytes data] * TLSv1.2 (OUT), TLS handshake, Finished (20): } [16 bytes data] * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): { [1 bytes data] * TLSv1.2 (IN), TLS handshake, Finished (20): { [16 bytes data] * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=BadSSL Fallback. Unknown subdomain or no SNI.; CN=badssl-fallback-unknown-subdomain-or-no-sni * start date: Aug 8 21:17:05 2016 GMT * expire date: Aug 8 21:17:05 2018 GMT * issuer: C=US; ST=California; L=San Francisco; O=BadSSL; CN=BadSSL Intermediate Certificate Authority * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway. > GET / HTTP/1.1 > Host: reversed-chain.badssl.com > User-Agent: curl/7.77.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 421 Misdirected Request < Server: nginx/1.10.3 (Ubuntu) < Date: Tue, 14 Dec 2021 17:30:32 GMT < Content-Type: application/octet-stream < Content-Length: 284 < Connection: keep-alive < { [284 bytes data] * Connection #0 to host reversed-chain.badssl.com left intact ```