Opened 5 years ago

Closed 17 months ago

#1426 closed task (no response)

certificate upgrades

Reported by: killyourtv Owned by: Eche|on
Priority: major Milestone:
Component: www/i2p Version:
Keywords: Cc:
Parent Tickets: Sensitive: no

Description

Google will be displaying warnings in Chrome when users visit https sites that use SHA1 certificates and expire after 2016. We should make a point to update to SHA256 certificates when we can.

See https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know for more info.

Subtickets

Attachments (1)

sha1.png (51.2 KB) - added by killyourtv 4 years ago.
Browser warning in Chrome

Download all attachments as: .zip

Change History (10)

comment:1 Changed 5 years ago by killyourtv

Type: defecttask

comment:2 Changed 5 years ago by zzz

Which sites are affected? reseed? geti2p.net? trac? Then we know who to assign it to.

comment:3 Changed 5 years ago by killyourtv

Backup is on top of the reseed situation with the hosts almost certainly contacted. (backup++)

All of the certificates we recently obtained from Commodo are affected, so *.i2p2.de, geti2p.net, syndie.de and others that I can't recall at the moment.

comment:4 in reply to:  description Changed 4 years ago by killyourtv

Replying to killyourtv:

Google will be displaying warnings in Chrome when users visit https sites that use SHA1 certificates and expire after 2016. We should make a point to update to SHA256 certificates when we can.

This is now reality. I went to the project site in Chrome and indeed the site is flagged as unsafe.

Browser warning in Chrome

Last edited 4 years ago by killyourtv (previous) (diff)

Changed 4 years ago by killyourtv

Attachment: sha1.png added

Browser warning in Chrome

comment:5 Changed 4 years ago by killyourtv

Owner: set to Eche|on
Status: newassigned

comment:6 Changed 4 years ago by zzz

I believe geti2p.net is fixed, and trac.i2p2.de fix is in progress

comment:7 in reply to:  6 Changed 4 years ago by killyourtv

Replying to zzz:

I believe geti2p.net is fixed, and trac.i2p2.de fix is in progress

Done:

  • geti2p.net
  • download.i2p2.de
  • trac.i2p2.de

Not done:

  • syndie.de

comment:8 Changed 4 years ago by zzz

Status: assignedinfoneeded

syndie.de is welt? Or? Whom to assign this to?

comment:9 Changed 17 months ago by Eche|on

Resolution: no response
Status: infoneededclosed

Certs updated to letsencrypt certs.

Note: See TracTickets for help on using tickets.