Quick Links

www.spi-inc.org uses an invalid security certificate

From:	TJ <spi-inc(at)iam(dot)tj>
To:	spi-general(at)lists(dot)spi-inc(dot)org
Subject:	www.spi-inc.org uses an invalid security certificate
Date:	2014-02-27 07:43:32
Message-ID:	530EECA4.6010606@iam.tj
Views:	Raw Message \| Whole Thread \| Download mbox
Thread:
Lists:	spi-general

Early I accessed a secure Debian server [1] that presented a X509 certificate issued by an untrusted CA that turned out to be spi-inc.

Visiting spi-inc.org [2] I hit another issue with an invalid certificate being presented causing Firefox to warn "The certificate is not valid for any server names" (as well as certificate not
trusted). The certificate's Common Name is "members.spi-inc.org" and there are no Subject Alt Name hosts.

How can we have trust in the CA when the CA itself cannot correctly manage its own certificates?

[1] https://alioth.debian.org/scm/?group_id=30428
[2[ https://spi-inc.org/

Responses

Re: www.spi-inc.org uses an invalid security certificate at 2014-02-27 16:03:17 from Joshua D. Drake
Re: www.spi-inc.org uses an invalid security certificate at 2014-02-27 16:31:35 from Bill Allombert
Re: www.spi-inc.org uses an invalid security certificate at 2014-02-27 17:37:57 from Jimmy Kaplowitz

Browse spi-general by date

	From	Date	Subject
Next Message	Joshua D. Drake	2014-02-27 16:03:17	Re: www.spi-inc.org uses an invalid security certificate
Previous Message	Michael Schultheiss	2014-02-24 15:38:03	Re: Donations page not displaying properly in Firefox or Chrome