JDownloader Community - Appwork GmbH
 

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02.08.2018, 23:20
mazeme
Guest
 
Posts: n/a
Default certificate no longer accepted by Chromium v70 dev branch

It looks like you need to take action soon:

**External links are only visible to Support Staff****External links are only visible to Support Staff**

**External links are only visible to Support Staff****External links are only visible to Support Staff**

Cheers!
Reply With Quote
  #2  
Old 03.08.2018, 11:19
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

ChromeV7 Beta will be released in September and we're waiting for auto renewal of our certs from our ssl provider. We were told that it will take place before release of V7 beta. In case they can't hold their deadline, we will temporarily switch to Let's Encrypt certificates
__________________
JD-Dev & Server-Admin
Reply With Quote
  #3  
Old 03.08.2018, 13:10
mazeme
Guest
 
Posts: n/a
Default

Let's encrypt added support for wildcard certificates earlier this year, so if you can automate the renewal process you could switch for good

good luck!
Reply With Quote
  #4  
Old 03.08.2018, 13:44
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

I know but our current certificate still some time left before expiring and I would like to use use it and then switch to new one. Of course I could just add to Let's encrypt now but I simply don't have time to setup/deploy it.
__________________
JD-Dev & Server-Admin
Reply With Quote
  #5  
Old 03.08.2018, 18:19
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

I just received email that renewal of certificates will start by next week.
__________________
JD-Dev & Server-Admin
Reply With Quote
  #6  
Old 08.08.2018, 16:31
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

Deploying the new certificates right now
__________________
JD-Dev & Server-Admin
Reply With Quote
  #7  
Old 08.08.2018, 23:02
mazeme
Guest
 
Posts: n/a
Default

Hello,

The domains used for LAN connections within my.jdownloader.org
Quote:
https://<my-local-ip-address>.mydns.jdownloader.org
still use the old certificates, the rest looks okay
Reply With Quote
  #8  
Old 09.08.2018, 10:33
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

Still not finished with deploying new certficiates. Thanks for the feedback/testing
__________________
JD-Dev & Server-Admin
Reply With Quote
  #9  
Old 12.08.2018, 07:08
sjwolf sjwolf is offline
JD Fan
 
Join Date: Mar 2015
Posts: 70
Default

Hi, not sure if this is same issue or not, but I can't access https://board.jdownloader.org in chrome all of a sudden. Is this what you're talking about? Thanks.
Quote:
Your connection is not private

Attackers might be trying to steal your information from board.jdownloader.org (for example, passwords, messages, or credit cards). NET::ERR_CERT_AUTHORITY_INVALID
Reply With Quote
  #10  
Old 12.08.2018, 08:33
mazeme
Guest
 
Posts: n/a
Default

Hi, this issue gives you a

Quote:
NET::ERR_CERT_SYMANTEC_LEGACY
error, so probably not the same problem, not sure what it could be, sorry.
Reply With Quote
  #11  
Old 13.08.2018, 11:29
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

@sjwolf: what is your chrome version? The certificates are updated and NET::ERR_CERT_AUTHORITY_INVALID sounds like firewall/av intercepting/messing with https.

@mazeme: What browser/version and website?
__________________
JD-Dev & Server-Admin
Reply With Quote
  #12  
Old 13.08.2018, 21:04
sjwolf sjwolf is offline
JD Fan
 
Join Date: Mar 2015
Posts: 70
Default

Quote:
Originally Posted by Jiaz View Post
@sjwolf: what is your chrome version? The certificates are updated and NET::ERR_CERT_AUTHORITY_INVALID sounds like firewall/av intercepting/messing with https.
Hey...it's Chrome for Mac Version 49.0.2623.112 (64-bit). I'm unable to update any further because I can no longer update my OS :(

It also says this...

Quote:
board.jdownloader.org normally uses encryption to protect your information. When Google Chrome tried to connect to board.jdownloader.org this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be board.jdownloader.org, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.

You cannot visit board.jdownloader.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.
Thanks
Reply With Quote
  #13  
Old 14.08.2018, 00:17
mazeme
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Jiaz View Post
@sjwolf: what is your chrome version? The certificates are updated and NET::ERR_CERT_AUTHORITY_INVALID sounds like firewall/av intercepting/messing with https.

@mazeme: What browser/version and website?
I'm no longer getting this error, I was just quoting the exact error message that made me start this thread originally, for reference
Reply With Quote
  #14  
Old 14.08.2018, 18:03
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

@mazeme: Thanks

@sjwolf: Can you open letsencrypt.org in browser? You should find a way to update your browser or use newer one or update your root certificates! The issue is caused by your browser being tool old to know the CERT_AUTHORITY
__________________
JD-Dev & Server-Admin
Reply With Quote
  #15  
Old 19.08.2018, 10:53
sjwolf sjwolf is offline
JD Fan
 
Join Date: Mar 2015
Posts: 70
Default

Quote:
Originally Posted by Jiaz View Post
@mazeme: Thanks

@sjwolf: Can you open letsencrypt.org in browser? You should find a way to update your browser or use newer one or update your root certificates! The issue is caused by your browser being tool old to know the CERT_AUTHORITY
Yeah...That website opens, but I don't get what any of that stuff is.
Reply With Quote
  #16  
Old 20.08.2018, 12:04
Jiaz's Avatar
Jiaz Jiaz is offline
JD Manager
 
Join Date: Mar 2009
Location: Germany
Posts: 79,290
Default

Install the updated root ca certificates, see
digicert.com/digicert-root-certificates.htm
support.securly.com/hc/en-us/articles/206081828-How-to-manually-install-the-Securly-SSL-certificate-in-Chrome
__________________
JD-Dev & Server-Admin
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 03:56.
Provided By AppWork GmbH | Privacy | Imprint
Parts of the Design are used from Kirsch designed by Andrew & Austin
Powered by vBulletin® Version 3.8.10 Beta 1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.