💾 Archived View for rawtext.club › ~sloum › geminilist › 007584.gmi captured on 2023-09-08 at 16:31:35. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
Mansfield mansfield at ondollo.com
Thu Nov 11 06:52:15 GMT 2021
- - - - - - - - - - - - - - - - - - -
On Wed, Nov 10, 2021 at 4:19 AM Omar Polo <op at omarpolo.com> wrote:
Mansfield <mansfield at ondollo.com> writes:
On Tue, Nov 9, 2021 at 6:46 PM Mansfield <mansfield at ondollo.com> wrote:
On Tue, Nov 9, 2021 at 2:16 AM Balázs Botond <balazsbotond at gmail.com>
wrote:
Hi,
On Tue, Nov 9, 2021 at 2:39 AM Mansfield <mansfield at ondollo.com> wrote:
My limited response:
gemini://ondollo.com/~/mansfield/A Writeable Gemini.gem
There's a problem with the certificate at ondollo.com so your link
doesn't work.
Botond
Oh... interesting... the classic "works for me"... well, here's the
cert from the Mozz proxies perspective:
https://portal.mozz.us/gemini/ondollo.com?crt=1
I wonder what's wrong with it? Mozz doesn't load the site either...
I guess I gave a poor link as well... the spaces weren't encoded. Does
this link work for you?
gemini://ondollo.com/~/mansfield/A%20Writeable%20Gemini.gem
I tweaked the server to accept connections that don't provide a cert -
seems to have turned the Mozz close_notify red x to a green
checkmark.
Maybe now things will work better for you (and others with similar
clients, no doubt).
Many thanks for letting me know that that was broken!
It's still broken unfortunately. While it's true that the certificate
doesn't include the domain name:
% printf 'gemini://ondollo.com\r\n' | nc -Tnoverify -c ondollo.com 1965
nc: tls handshake failed (name `ondollo.com' not present in server
certificate)
even if I throw a -noname at it (which disables the certificate name
checking) the reply is still empty :/
% printf 'gemini://ondollo.com\r\n' | nc -Tnoverify -Tnoname -c
ondollo.com 1965
% echo $?
0
Well, thanks for all the responses - turns out I had a few bits that neededadjusting beyond the common_name one.
For anyone else caught in a tls debug process and wanting an easy way totest their server, I ended up using a command like this:
That command alone won't get you all the way there, but it could help. Italso helps that Gemini clients tend to not be complicated to get going with. Hopefully everything is accessible now!-------------- next part --------------An HTML attachment was scrubbed...URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20211110/5fcb5e1e/attachment.htm>