Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Timesheets
Builds
Packages
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #1080
After updating certificate via ad-hoc/rest only main certificate is updated (#1080)
Closed
wojciech.kapcia@tigase.net opened 5 years ago

Update certificate for tigase.im via ad-hoc (with wildcard). Afterward main domain serves updated cert but the subdomain still serves (until restart) old one:

wojtek@atlantiscity.local ~/dev $ openssl s_client  -connect tigase.me:5269 -xmpphost tigase.im < /dev/null -starttls xmpp
CONNECTED(00000006)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = tigase.im
verify return:1
---
Certificate chain
 0 s:/CN=tigase.im
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
 2 s:/O=Digital Signature Trust Co./CN=DST Root CA X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3

---

wojtek@atlantiscity.local ~/dev $ openssl s_client  -connect tigase.me:5269 -xmpphost push.tigase.im < /dev/null -starttls xmpp
CONNECTED(00000006)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = tigase.im
verify return:1
---
Certificate chain
 0 s:/CN=tigase.im
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
Referenced from commit 11 months ago
Issue #1080 - Rewrite ResourceBind and authentication plugins as preprocessors
Andrzej Wójcik committed 10 years ago
9ba5880c
issue 1 of 1
Type
Bug
Priority
Normal
Assignee
wojciech.kapcia@tigase.net
Version
tigase-server-8.1.0
Spent time
10h 15m
Related
  • tigase-private/systems-maintenance/servers#288 You are not authorized to access this issue
  • Customers/Alianza#87 You are not authorized to access this issue
  • helpdesk/helpdesk-priv#555 You are not authorized to access this issue
  • tigase-private/systems-maintenance/tigase-im-service#80 You are not authorized to access this issue
  • #1078 Closed
    Don't send root CA certificate in chain
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_server/server-core#1080
Please wait...
Page is in error, reload to recover