💾 Archived View for gemi.dev › gemini-mailing-list › 001086.gmi captured on 2024-05-26 at 17:17:30. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-12-28)

-=-=-=-=-=-=-

[Tech] A server to test client certificates?

• 📧 Messages: 5
• 🗣️ Authors: 3
• 📅 First Message: 2021-11-28 19:15
• 📅 Last Message: 2021-11-29 07:19

1. Stephane Bortzmeyer (stephane (a) sources.org)

• 📅 Sent: 2021-11-28 19:15
• 📧 Message 1 of 5

I'm quite sad that gemini://gemini.conman.org/ is gone, it was very
useful for, among other things, testing client certificate support in
a Gemini client.

I'm looking for an alternative. Is there another server that accepts
client certificates and echoes in some way the received cert, to
include in a test suite for a client?

Link to individual message.

2. (gemini (a) xj-ix.luxe)

• Subject Changed! New Subject: Re: [Tech] A server to test client certificates?
• 📅 Sent: 2021-11-28 22:31
• 📧 Message 2 of 5

On 11/28/21 12:15, Stephane Bortzmeyer wrote:
> I'm quite sad that gemini://gemini.conman.org/ is gone, it was very
> useful for, among other things, testing client certificate support in
> a Gemini client.
> 
> I'm looking for an alternative. Is there another server that accepts
> client certificates and echoes in some way the received cert, to
> include in a test suite for a client?
> 

i have a cgi script that i run under molly-brown for this purpose

gemini://xj-ix.luxe:1969/bin/fingerprint

mostly reliable, but hosted on a wireless mesh so ymmv

Link to individual message.

3. Mansfield (mansfield (a) ondollo.com)

• 📅 Sent: 2021-11-28 23:41
• 📧 Message 3 of 5

On Sun, Nov 28, 2021 at 12:18 PM Stephane Bortzmeyer <stephane@sources.org>
wrote:

> I'm quite sad that gemini://gemini.conman.org/ is gone, it was very
> useful for, among other things, testing client certificate support in
> a Gemini client.
>
> I'm looking for an alternative. Is there another server that accepts
> client certificates and echoes in some way the received cert, to
> include in a test suite for a client?
>


The gemini server at ondollo.com has some URLs to test clients, one of
which will respond with the common name and a chunk from the first part of
the fingerprint.

 ```
gemini://ondollo.com/internal/test?showCert
 ```

Using the Mansfield client to hit that url and dump the raw response to the
cli looks like this:

 ```
./mansfield -rs gemini://ondollo.com/internal/test?showCert
20 text/gemini
common_name_in_cert:26:99:8E
 ```

I wouldn't mind adding more to the output if it helped you.

Link to individual message.

4. Stephane Bortzmeyer (stephane (a) sources.org)

• 📅 Sent: 2021-11-29 07:17
• 📧 Message 4 of 5

On Sun, Nov 28, 2021 at 03:31:41PM -0700,
 gemini@xj-ix.luxe <gemini@xj-ix.luxe> wrote 
 a message of 16 lines which said:

> i have a cgi script that i run under molly-brown for this purpose
> 
> gemini://xj-ix.luxe:1969/bin/fingerprint

It works fine, thanks.

% agunua --certificate sample-cert-user.pem --key sample-key-user.pem 
gemini://xj-ix.luxe:1969/bin/fingerprint
...
 ```
hash=572b4ab52c1d0942ade84b75ae5ae4e56ff70ecc43c4b004e21808ff84c4f6e2
cn=User
 ```

Link to individual message.

5. Stephane Bortzmeyer (stephane (a) sources.org)

• 📅 Sent: 2021-11-29 07:19
• 📧 Message 5 of 5

On Sun, Nov 28, 2021 at 04:41:09PM -0700,
 Mansfield <mansfield@ondollo.com> wrote 
 a message of 68 lines which said:

> The gemini server at ondollo.com has some URLs to test clients, one of
> which will respond with the common name and a chunk from the first part of
> the fingerprint.

It works fine, thanks.

% agunua --certificate sample-cert-user.pem --key sample-key-user.pem 
"gemini://ondollo.com/internal/test?showCert"
User:51:DE:B5

Link to individual message.

---

Previous Thread: [Off Topic] Happy Holidays and Well Wishes

Next Thread: [Off Topic] WiFi HaLow, Mesh, and Low Powered Devices