Modify

#22028 closed defect (fixed)

jow added a png file to openwrt.org that breaks propper https!

Reported by: anonymous Owned by:
Priority: high Milestone:
Component: website Version: Trunk
Keywords: Cc:

Description

Jow, thanks for the information about the battlemesh in portugal, but could you please upload the png file to a propper https working server or update the certificate of your server ant then the link?
You server certificate expired on 04.10.2013 11:11! Yes, 2013!! We have now in 2016 free and great certificates from letsencrypt. Please use them if you would like a automated system of updating your certificate so that you dont have to care more about that.

The link how it should look like on openwrt.org:
https://luci.subsignal.org/~jow/battlemesh-v9-poster-web.png

how it looks now and gives warnings in modern browsers:
http://luci.subsignal.org/~jow/battlemesh-v9-poster-web.png

By the way, your server is totaly broken from the security side:
https://www.ssllabs.com/ssltest/analyze.html?d=luci.subsignal.org&latest

Some notes:
This server is vulnerable to the POODLE attack. (BAD!)
This server supports weak Diffie-Hellman (DH) key exchange parameters (BAD!)
Certificate uses a weak signature (BAD!)
The server does not support Forward Secrecy (BAD!)

You seem to use ubuntu 14.04 on your server. Fixing those things should be easy.

Greetings

Attachments (0)

Change History (1)

comment:1 Changed 23 months ago by jow

  • Resolution set to fixed
  • Status changed from new to closed

Image link fixed.

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.