Seems like certificate has been revoked

perki / backloop.dev

Loopback domain and SSL certs to serve https:// content form localhost

Other

9 stars 0 forks source link

Seems like certificate has been revoked #5

Open smtrd3 opened 3 days ago

smtrd3 commented 3 days ago

I am getting ERR_CERT_REVOKED error, the certificate might be revoked as per the error message.

Screenshot 2024-11-13 at 3 14 46 PM

perki commented 3 days ago

Hello, @smtrd3 I cannot reproduce this. You may try backloop.dev-update if you use the CLI or npm run postinstall from npm package for a test

perki commented 3 days ago

Indeed the following command openssl ocsp -issuer certs/backloop.dev-ca.crt -cert certs/backloop.dev-cert.crt -text -url http://r10.o.lencr.org returns keyCompromise

This is probably due to the fact that the key is publicly available .. Which is the purpose of backloop.dev

I need to figure out how it was reported and how to avoid this

perki commented 3 days ago

@smtrd3 I renewed the certificates. You just have to delete the curent ones (in certs/*) and run npm run postinstall to install the new ones, still this is a quick fix and we can expect the certificates to be revoked until we find the cause and a remedy ;)

smtrd3 commented 3 days ago

@perki Thanks for the quick fix!

perki commented 3 days ago

@smtrd3 Actually, anyone can revoke the certificate. As the key is available see

This might be of a good intent .. but not in the case of backloop.dev