Stephane Bortzmeyer stephane at sources.org
Tue Mar 16 10:21:17 GMT 2021
- - - - - - - - - - - - - - - - - - -
On Tue, Mar 16, 2021 at 11:07:35AM +0100, Omar Polo <op at omarpolo.com> wrote a message of 17 lines which said:
I'm not able to load the page on any clients (porcelain, lagrange,
tinmop & my secret little project) on OpenBSD. All of them complains
about a failure during the handshake :/
No problem with Lagrange or Amfora here. gnutls-cli shows no TLSissue:
% gnutls-cli --insecure -p 1965 discovery.geminiprotocol.comProcessed 0 CA certificate(s).Resolving 'discovery.geminiprotocol.com:1965'...Connecting to '95.217.134.139:1965'...- Certificate type: X.509- Got a certificate list of 1 certificates.- Certificate[0] info: - subject `EMAIL=admin at geminiprotocol.com,CN=discovery.geminiprotocol.com,C=se', issuer `EMAIL=admin at geminiprotocol.com,CN=discovery.geminiprotocol.com,C=se', serial 0x4c149bab68907b80691f37bbfae5c30ef6a6ae6d, EdDSA (Ed25519) key 256 bits, signed using EdDSA-Ed25519, activated `2021-03-14 18:03:31 UTC', expires `2040-12-31 18:03:31 UTC', pin-sha256="wPXjqjkOcGyL4cY7RGy4ctMLDZfxfTXxgHkKQY9A+bc=" Public Key ID: sha1:a105e4d487cbef2db156c4cb5413e27382b2b1fd sha256:c0f5e3aa390e706c8be1c63b446cb872d30b0d97f17d35f180790a418f40f9b7 Public Key PIN: pin-sha256:wPXjqjkOcGyL4cY7RGy4ctMLDZfxfTXxgHkKQY9A+bc=
- Status: The certificate is NOT trusted. The certificate issuer is unknown. *** PKI verification of server certificate failed...- Successfully sent 0 certificate(s) to server.- Description: (TLS1.2-X.509)-(ECDHE-X25519)-(EdDSA-Ed25519)-(AES-256-GCM)- Session ID: F8:63:9A:89:C8:0B:8A:C7:58:15:8F:74:23:00:95:A5:67:D8:F8:FE:5F:40:FD:4F:8A:4B:AE:31:44:31:23:D6- Options: extended master secret, safe renegotiation,- Handshake was completed