search

lavv17 / lftp

sophisticated command line file transfer program (ftp, http, sftp, fish, torrent)
http://lftp.yar.ru
GNU General Public License v3.0
1.11k stars 162 forks source link

lftp.yar.ru lftp.tech certificates expired #595

Closed jer-gentoo closed 4 years ago

jer-gentoo commented 4 years ago

I am seeing a failure in the test suite:

FAIL: lftp-https-get
====================

cat: /features.html: Fatal error: Certificate verification: Not trusted (99:55:70:76:94:83:A5:0F:61:B8:2D:AF:47:A5:C3:F7:7A:05:AC:B6)
FAIL lftp-https-get (exit status: 1)

curl confirms:

# curl -v https://lftp.yar.ru/features.html
*   Trying 213.187.99.145:443...
* Connected to lftp.yar.ru (213.187.99.145) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
* SSL certificate problem: certificate has expired
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
# curl -v https://lftp.tech/features.html
*   Trying 213.187.99.145:443...
* Connected to lftp.tech (213.187.99.145) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
* SSL certificate problem: certificate has expired
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Neustradamus commented 4 years ago

When we look, it is has been solved after this ticket creation :)

Neustradamus commented 4 years ago

@lavv17 : Can you auto redirect all http pages to httpS?

Examples:

jer-gentoo commented 4 years ago

Yes, this issue appears to have been fixed on August 5 2020.