Title: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 01:03:18 PM Logging in today I get a bad certificate warning. What is going on? Has the site been hacked again?
Title: Re: Bad certificate, what is going on? Post by: _wayfarer_ on December 26, 2013, 01:05:41 PM They might have just been a little late renewing their certificate. Didn't get any warnings myself.
Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 01:10:01 PM It is a name mismatch. It is a brand new certificate. The name on the cert is ip.bitcointalk.org, hence the mismatch.
The fingerprint is: 5b 3e 9a 8f 37 c8 a9 4c 94 97 8d f5 11 16 7d 44 a2 bc 22 16 Can someone else check their cert for me? The dates on the cert I am getting are 12/24/2013 to 12/27/2014 I also get the same error going through the direct IP https://109.201.133.195 Title: Re: Bad certificate, what is going on? Post by: rarkenin on December 26, 2013, 01:16:00 PM Confirmed, same cert (5b 3e 9a 8f 37 c8 a9 4c 94 97 8d f5 11 16 7d 44 a2 bc 22 16) with the same dates.
Edit: For some reason I have the same DNS name on the cert but no warning. Using Opera. Title: Re: Bad certificate, what is going on? Post by: PPT-PR on December 26, 2013, 01:26:44 PM BUT when I log on I am getting:
www.bitcointalk.org Fingerprint: 29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b Dates: 10/5/2013 to 8/5/2014 Title: Re: Bad certificate, what is going on? Post by: jackjack on December 26, 2013, 01:28:39 PM BUT when I log on I am getting: www.bitcointalk.org Fingerprint: 29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b Dates: 10/5/2013 to 8/5/2014 Same for me Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 01:30:00 PM Some of us may have just gotten our passwords stolen. Admins? Please help?
Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 01:44:33 PM More detail:
CN = ip.bitcointalk.org OU = Domain Control Validated - RapidSSL(R) OU = See www.rapidssl.com/resources/cps (c)13 OU = GT27905226 Serial Number = iz7tU8lDvfAOsosDeafhWwMAc7P7Lrep Public Key 30 82 01 0a 02 82 01 01 00 d6 32 2f da a0 42 6e 6f 3b de 14 d0 bd 1a d6 31 08 a2 da 3b f7 f8 be 9d bc cc c9 98 87 a0 46 af bf 00 08 fd 10 50 48 d8 64 a5 b5 ba e1 7e ca 05 71 1b f8 4d 47 50 71 d7 60 f0 65 7f bf ca f3 af 96 70 f0 eb 3b c3 7e 40 13 6b 55 4d 50 b4 72 f7 33 1b f4 51 a2 0a 9b e2 fd 64 3c 1d bb d6 76 8b 00 61 77 4a 43 11 b9 04 a2 d5 d0 79 47 0a e5 05 f6 b6 46 16 90 2a c3 76 c4 18 aa 5f 52 62 7b ba ec f5 1e 93 ec 4d 6f b3 8f 90 bd 32 ed 4f 54 32 8a c6 99 1f 55 18 b2 e1 3c ba b7 e9 3a 1f 94 c5 f7 91 bd f3 e2 9b 9f 11 e0 4c ad db f7 bf 21 04 76 0f 8b 04 a3 66 c4 f8 55 25 57 7a 73 20 04 87 99 75 7b b2 7e 0b f9 ca 65 f6 87 3c 66 7d a2 a7 6c fa 26 41 92 43 03 40 0d 13 61 64 21 4f c6 06 a4 2d b6 35 e6 c9 9b 6a fa a0 4f 66 db 04 b1 1e 1a 99 3a dc dd e4 77 d1 c4 fc c7 49 e3 f6 0f bf 02 03 01 00 01 DNS Name=ip.bitcointalk.org Title: Re: Bad certificate, what is going on? Post by: PPT-PR on December 26, 2013, 01:48:01 PM Well mine shows:
CN = www.bitcointalk.org OU = Domain Control Validated - RapidSSL(R) OU = See www.rapidssl.com/resources/cps (c)13 OU = GT09728370 Serial Number = JTwTMeXvVHcrA/jnpRfih/8SESWljFo1 Public Key: 30 82 01 0a 02 82 01 01 00 d6 32 2f da a0 42 6e 6f 3b de 14 d0 bd 1a d6 31 08 a2 da 3b f7 f8 be 9d bc cc c9 98 87 a0 46 af bf 00 08 fd 10 50 48 d8 64 a5 b5 ba e1 7e ca 05 71 1b f8 4d 47 50 71 d7 60 f0 65 7f bf ca f3 af 96 70 f0 eb 3b c3 7e 40 13 6b 55 4d 50 b4 72 f7 33 1b f4 51 a2 0a 9b e2 fd 64 3c 1d bb d6 76 8b 00 61 77 4a 43 11 b9 04 a2 d5 d0 79 47 0a e5 05 f6 b6 46 16 90 2a c3 76 c4 18 aa 5f 52 62 7b ba ec f5 1e 93 ec 4d 6f b3 8f 90 bd 32 ed 4f 54 32 8a c6 99 1f 55 18 b2 e1 3c ba b7 e9 3a 1f 94 c5 f7 91 bd f3 e2 9b 9f 11 e0 4c ad db f7 bf 21 04 76 0f 8b 04 a3 66 c4 f8 55 25 57 7a 73 20 04 87 99 75 7b b2 7e 0b f9 ca 65 f6 87 3c 66 7d a2 a7 6c fa 26 41 92 43 03 40 0d 13 61 64 21 4f c6 06 a4 2d b6 35 e6 c9 9b 6a fa a0 4f 66 db 04 b1 1e 1a 99 3a dc dd e4 77 d1 c4 fc c7 49 e3 f6 0f bf 02 03 01 00 01 DNS Name=www.bitcointalk.org DNS Name=bitcointalk.org Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 03:55:56 PM Bump.
Anyone else with this issue? Do those of us getting the bad cert need to reset our passwords? Please let us know. Thanks! Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 03:56:25 PM Why are there two different certificates floating around?
Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 04:25:59 PM Why are there two different certificates floating around? Bump, I am still getting this issue. Anyone else? Mods/Admins please respond.Title: Re: Bad certificate, what is going on? Post by: flatfly on December 26, 2013, 04:26:44 PM I have:
29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b Title: Re: Bad certificate, what is going on? Post by: rarkenin on December 26, 2013, 05:19:40 PM People with varying certificates, can you please hit https://bitcointalk.org/cdn-cgi/trace (https://bitcointalk.org/cdn-cgi/trace)? This should normally 404. If Cloudflare is added all of a sudden, it will return a debug message like:
Code: fl=11f14 Since there's no way to disable this cloudflare page it would be a good indicator if bitcointalk or any site gets cloudflared without permission. Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 05:33:56 PM People with varying certificates, can you please hit https://bitcointalk.org/cdn-cgi/trace (https://bitcointalk.org/cdn-cgi/trace)? This should normally 404. If Cloudflare is added all of a sudden, it will return a debug message like: I got a 404 Not Found error (after the bad cert message)Code: fl=11f14 Since there's no way to disable this cloudflare page it would be a good indicator if bitcointalk or any site gets cloudflared without permission. Title: Re: Bad certificate, what is going on? Post by: rarkenin on December 26, 2013, 05:40:39 PM That's good news. At least the forum hasn't been cloudflared, though it doesn't rule out a bad cert.
Title: Re: Bad certificate, what is going on? Post by: jackjack on December 26, 2013, 06:20:14 PM 404 too (29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b)
Title: Re: Bad certificate, what is going on? Post by: rarkenin on December 26, 2013, 06:24:27 PM OK, as it looks, neither side is cloudflared. Still kind of suspicious. I'm still seeing 5b 3e 9a 8f 37 c8 a9 4c 94 97 8d f5 11 16 7d 44 a2 bc 22 16
Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 06:26:51 PM http://ip.bitcointalk.org forwards to http://www.bitcoins.com
https://ip.bitcointalk.org/ is a blank page and I get the ip.bitcointalk.org cert (5b 3e 9a 8f 37 c8 a9 4c 94 97 8d f5 11 16 7d 44 a2 bc 22 16) ping ip.bitcointalk.org gives 109.201.133.195 (as does ping bitcointalk.org and www.bitcointalk.org) Title: Re: Bad certificate, what is going on? Post by: theymos on December 26, 2013, 09:34:24 PM I created that certificate (same public key as the bitcointalk.org cert, actually), but it obviously shouldn't be served for bitcointalk.org. I don't see it served for bitcointalk.org, though. Maybe your browsers aren't sending a Host header or something? I will figure out how to change the default cert back to the bitcointalk.org one.
Title: Re: Bad certificate, what is going on? Post by: theymos on December 26, 2013, 09:51:58 PM Is it fixed now?
Title: Re: Bad certificate, what is going on? Post by: rarkenin on December 26, 2013, 10:27:32 PM Huh,. I'm not sending a Host header properly, most likely, but I'm trusting the cert nonetheless.
Title: Re: Bad certificate, what is going on? Post by: BurtW on December 26, 2013, 11:18:50 PM Is it fixed now? Yes, it is fixed now. Thanks.Title: Re: Bad certificate, what is going on? Post by: _wayfarer_ on December 26, 2013, 11:21:59 PM Nice to see the administration is responsive to issues like this :)
|