Bug#967086: marked as done (Empty pages when authenticated)
Your message dated Thu, 6 Aug 2020 11:30:38 +0200
with message-id <c0bc0c6b-8887-1f6a-e5e6-5bba0486bff0@debian.org>
and subject line Re: Bug#967086: Empty pages when authenticated
has caused the Debian Bug report #967086,
regarding Empty pages when authenticated
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
967086: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=967086
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: tracker.debian.org
Severity: important
Dear Maintainer,
tracker.debian.org does not seem to respond or responds always empty
pages (no error) when I use a client certificate.
Cheers,
--
Stéphane
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.7.0-1-amd64 (SMP w/4 CPU threads)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Le 06/08/2020 à 10:43, Julien Cristau a écrit :
>>>>> tracker.debian.org does not seem to respond or responds always empty
>>>>> pages (no error) when I use a client certificate.
>>>>
>>>> I don't have the issue with my own certificate.
>>>>
>>>> I see this in the error log:
>>>> [Wed Aug 05 11:17:05.798925 2020] [ssl:error] [pid 31979:tid 140564909500160] [client 80.227.5.106:40019] AH02039: Certificate Verification: Error (66): EE certificate key too weak
>>>> [Wed Aug 05 11:59:09.029731 2020] [ssl:error] [pid 31979:tid 140565890987776] [client 80.227.5.106:9418] AH02039: Certificate Verification: Error (66): EE certificate key too weak
>>>
>>> This is not my IP address.
>>
>> Looking at your mail headers, I found 152.81.9.54 and I got similar logs:
>> hertzog@ticharich:~$ grep 152.81.9.54 /var/log/apache2/tracker.debian.org-error.log
>> [Thu Aug 06 07:57:16.520838 2020] [ssl:error] [pid 29597:tid 140564724860672] [client 152.81.9.54:55460] AH02039: Certificate Verification: Error (66): EE certificate key too weak
>> [Thu Aug 06 07:57:48.093622 2020] [ssl:error] [pid 29597:tid 140564909500160] [client 152.81.9.54:55462] AH02039: Certificate Verification: Error (10): certificate has expired
>>
>>> When I first encountered the error, I realised my certificate was
>>> expired. Then, I generated a new certificate. I still get the
>>> undesirable behaviour with the new certificate.
>>
>> I'm not sure what else I can do to help you here. I'm putting DSA in copy
>> in case they know what's going on here. I never had such an issue.
>>
>> Did you drop you old certificate and restart your browser?
>>
> Maybe also provide the output of "openssl x509 -noout -text" on the cert.
Indeed it's weak: RSA 1024.
I used the sso.debian.org portal to generate it.
Oh, I misunderstood the "Enrollment type" and chose medium, which I
guess caused the weak certificate. What's the purpose of this choice?
Anyway, problem solved.
Cheers,
--
Stéphane
--- End Message ---
Reply to: