[Open Crypto Project] #30: https://cryptech.is/ throws error with NIST DANE tested

Open Crypto Project trac at cryptech.is
Wed May 13 22:40:09 UTC 2015


#30: https://cryptech.is/ throws error with NIST DANE tested
----------------------+------------------
 Reporter:  randy     |       Owner:  sra
     Type:  defect    |      Status:  new
 Priority:  minor     |   Milestone:
Component:  sysadmin  |     Version:
 Keywords:            |  Blocked By:
 Blocking:            |
----------------------+------------------
 result from https://www.had-pilot.com/dane/danelaw.html for
 https://cryptech.is/

 {{{
 Getting URL: https://cryptech.is
 Server Cert at depth=2 Cert issued by: opensesa.py: OK? 1 Server Cert at
 depth=1 Cert issued by: opensesa.py: OK? 1 Server Cert at depth=0 Cert
 issued by: opensesa.py: Calling danechecker with 3 certs in chain.
 gnucall: certs in chain: 3
 End Cert Common Name: CN=StartCom Class 1 Primary Intermediate Server CA
 End Cert SubjectAltName: DNS:wp.cryptech.is, DNS:cryptech.is
 Target Domain Name: cryptech.is
 No name checks needed for cu=3. Chain Length = 3
 DNS Result = NOERROR, DNSSEC = DNSSEC Validated Response (Flags = qr rd ra
 ad)
 ad flag identifies authenticated domain
 Server Name Indication: SubjectAltName matches target domain:
 cryptech.is=cryptech.is.
 DANE Failed on TLSA lookups and/or Certificate Verification.
 cryptech.is authentication failed. TLSAuthentication error:
 TLSAuthenticationError()
 }}}

--
Ticket URL: <https://trac.cryptech.is/ticket/30>
Open Crypto Project <https://wiki.cryptech.is/>



More information about the Ticket-BCC mailing list