Opened 4 years ago

Closed 13 months ago

#1426 closed task (no response)

certificate upgrades

Reported by: killyourtv Owned by: echelon
Priority: major Milestone:
Component: www/i2p Version:
Keywords: Cc:
Parent Tickets:

Description

Google will be displaying warnings in Chrome when users visit https sites that use SHA1 certificates and expire after 2016. We should make a point to update to SHA256 certificates when we can.

See https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know for more info.

Subtickets

Attachments (1)

sha1.png (51.2 KB) - added by killyourtv 4 years ago.
Browser warning in Chrome

Download all attachments as: .zip

Change History (10)

comment:1 Changed 4 years ago by killyourtv

  • Type changed from defect to task

comment:2 Changed 4 years ago by zzz

Which sites are affected? reseed? geti2p.net? trac? Then we know who to assign it to.

comment:3 Changed 4 years ago by killyourtv

Backup is on top of the reseed situation with the hosts almost certainly contacted. (backup++)

All of the certificates we recently obtained from Commodo are affected, so *.i2p2.de, geti2p.net, syndie.de and others that I can't recall at the moment.

comment:4 in reply to: ↑ description Changed 4 years ago by killyourtv

Replying to killyourtv:

Google will be displaying warnings in Chrome when users visit https sites that use SHA1 certificates and expire after 2016. We should make a point to update to SHA256 certificates when we can.

This is now reality. I went to the project site in Chrome and indeed the site is flagged as unsafe.

Browser warning in Chrome

Last edited 4 years ago by killyourtv (previous) (diff)

Changed 4 years ago by killyourtv

Browser warning in Chrome

comment:5 Changed 4 years ago by killyourtv

  • Owner set to echelon
  • Status changed from new to assigned

comment:6 follow-up: Changed 4 years ago by zzz

I believe geti2p.net is fixed, and trac.i2p2.de fix is in progress

comment:7 in reply to: ↑ 6 Changed 4 years ago by killyourtv

Replying to zzz:

I believe geti2p.net is fixed, and trac.i2p2.de fix is in progress

Done:

  • geti2p.net
  • download.i2p2.de
  • trac.i2p2.de

Not done:

  • syndie.de

comment:8 Changed 3 years ago by zzz

  • Status changed from assigned to infoneeded

syndie.de is welt? Or? Whom to assign this to?

comment:9 Changed 13 months ago by echelon

  • Resolution set to no response
  • Status changed from infoneeded to closed

Certs updated to letsencrypt certs.

Note: See TracTickets for help on using tickets.