[Bradford] Web site bloopers

Duncan Hughes duncster at gmail.com
Mon Dec 17 22:01:20 UTC 2018


$ openssl s_client -connect bradlug.co.uk:443
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.github.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.github.com
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA


Might be worth getting a bradlug.org.uk certificate.  I’m pretty sure there’s a free CA out there but John probably knows more about this than I do.



---

> On 17 Dec 2018, at 21:52, Duncan Hughes <duncster at gmail.com> wrote:
> 
> I’m not sure how the “safe browsing” database works but it could just be down to a dodgy certificate.  Prior to updating Firefox a minute ago, I got a warning about the certificate only being valid for some subdomain of github.  Since updating Firefox, I get the redirect to transparency report.
> 
> 
>> On 17 Dec 2018, at 21:38, John Leach via Bradford <bradford at mailman.lug.org.uk> wrote:
>> 
>> My up-to-date install of Firefox reports the same. It's using Google's
>> "Safe Browsing" database and bradlug.co.uk is listed:
>> 
>> "The site https://bradlug.co.uk/ contains harmful content, including
>> pages that:
>> 
>>   Send visitors to harmful websites
>> 
>> 
>> https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Fbradlug.co.uk%2F
>> 
>> 
>> Whoever controls the dns can register the domain with google's
>> webmaster tools and get more information - it might tell you
>> specifically which pages have the links.
>> 
>> John.
>> 
>> On Mon, 2018-12-17 at 18:50 +0000, John Robert Hudson via Bradford
>> wrote:
>>> HI Darren
>>> 
>>> The website is not secure according to chromium but we do not use it
>>> for 
>>> transactions; so the issue is whether someone could get into the
>>> website to 
>>> inject malicious content or use it as a base for rogue operations.
>>> GitHub are 
>>> very good about warning us about any security problems.
>>> 
>>> John
>>> 
>>> On Monday, 17 December 2018 14:40:43 GMT Darren Drapkin via Bradford
>>> wrote:
>>>> I have been having a spot of bother with my PC due to a failed
>>>> software
>>>> update. I have been viewing the web with new eyes and old browsers.
>>>> 
>>>> In my aged copy of firefox, Bradlug looks like it is armed and
>>>> dangerous. I
>>>> do hope that this is not the case and that you are just using the
>>>> CACert
>>>> site certificate set, or some such.
>>>> --
>>>> Yours &c.
>>>> Darren Drapkin
>>>> 
>>>> --
>>>> Bradford mailing list
>>>> Bradford at mailman.lug.org.uk
>>>> https://mailman.lug.org.uk/mailman/listinfo/bradford
>>> 
>>> 
>>> 
>>> 
>> 
>> 
>> 
>> -- 
>> Bradford mailing list
>> Bradford at mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/bradford
> 




More information about the Bradford mailing list