On Sat, May 2, 2015 at 9:18 PM, jannik laval <[email protected]> wrote:
> https://ci.inria.fr/ > Various online services will issue SSL health reports. Here is a random one I just googled that looks fairly comprehensive... https://www.ssllabs.com/ssltest/analyze.html?d=ci.inria.fr For archival purposes, I cut some of the report here... Certification PathsPath #1: Trusted*1*Sent by serverci.inria.fr Fingerprint: 78691d3453dbda6939351e9e785ad379677b48ee RSA 2048 bits (e 65537) / SHA256withRSA*2*Extra downloadTERENA SSL CA 2 Fingerprint: 38525c7140d285040e02dd2a7f3c7dba21042e01 RSA 2048 bits (e 65537) / SHA384withRSA*3*In trust storeUSERTrust RSA Certification Authority Self-signed Fingerprint: 2b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e RSA 4096 bits (e 65537) / SHA384withRSAPath #2: Trusted*1*Sent by server ci.inria.fr Fingerprint: 78691d3453dbda6939351e9e785ad379677b48ee RSA 2048 bits (e 65537) / SHA256withRSA*2*Extra downloadTERENA SSL CA 2 Fingerprint: 38525c7140d285040e02dd2a7f3c7dba21042e01 RSA 2048 bits (e 65537) / SHA384withRSA*3*Extra downloadUSERTrust RSA Certification Authority Fingerprint: eab040689a0d805b5d6fd654fc168cff00b78be3 RSA 4096 bits (e 65537) / SHA384withRSA*4*In trust storeAddTrust External CA Root Self-signed Fingerprint: 02faf3e291435468607857694df5e45b68851868 RSA 2048 bits (e 65537) / SHA1withRSA Weak or insecure signature, but no impact on root certificate So the server admins might contact Terena for advice, or it seems the "TERENA SSL CA 2" certificate can be download here... https://www.terena.org/activities/tcs/repository/ and see what happens if that file is dropped next to the "ci.inria.fr" certificate. cheers -ben
