entropic-dev / entropic

🦝 :package: a package registry for anything, but mostly javascript 🦝 🦝 🦝
https://discourse.entropic.dev/
Apache License 2.0
5.29k stars 152 forks source link

Discourse Misconfigured Cert - Firefox #306

Open TomPridham opened 5 years ago

TomPridham commented 5 years ago

Is this a feature request or a bug?

bug

Expected behavior:

being able to connect to https://discourse.entropic.dev/t/looking-for-help-setting-up-fluent-rs/203

Actual behavior:

security warning from firefox Screenshot from 2019-07-06 19-58-17

Steps to replicate:

Environment info (where relevant)

firefox on ubuntu also happens with firefox on android

zacanger commented 5 years ago

This doesn't happen for me on browsers that have been to the Discourse instance before, but does on a clean install of Firefox Nightly on Android. The issuer there is Gandi so I wonder if FF doesn't recognize them as a CA by default, or if something was revoked?

Weirdly, I can hit registry.entropic.dev just fine even though it's (I think?) the same wildcard cert.

EDIT:

After hitting registry.entropic.dev I can now go back to discourse.entropic.dev just fine, so chances are that's why discourse works fine for me in my other browsers — because I'd already hit entropic.dev before Discourse was set up. Your alt name includes *.entropic.dev so I don't know what else to look at from here.

iarna commented 5 years ago

Some research implies that it may be missing intermediate certificates, as if you've visited a different site previously that provided them, it'll work:

http://wiki.gandi.net/en/ssl/intermediate

'course that site says "pre-2010" so whoooo knows