guysalias Posted June 1, 2013 Posted June 1, 2013 Hello, SSL certificate of FTP is expired: * Server certificate: * subject: C=US; ST=Unknown; L=Unknown; O=Unknown; OU=Unknown; CN=johnny.heliohost.org; emailAddress=ssl@johnny.heliohost.org * start date: 2012-05-05 16:56:13 GMT * expire date: 2013-05-05 16:56:13 GMT * issuer: C=US; ST=Unknown; L=Unknown; O=Unknown; OU=Unknown; CN=johnny.heliohost.org; emailAddress=ssl@johnny.heliohost.org * SSL certificate verify result: self signed certificate (18), continuing anyway.
Sove Posted June 1, 2013 Posted June 1, 2013 Thanks for the information. You can still use secure FTP, though, the expiration doesn't really affect the security at all, if you trust HelioHost, that is.
Krydos Posted June 8, 2013 Posted June 8, 2013 All self-signed SSL certificates on Johnny have been recreated and won't expire until Jun 8th 2014.
guysalias Posted June 12, 2013 Author Posted June 12, 2013 All self-signed SSL certificates on Johnny have been recreated and won't expire until Jun 8th 2014. Hello, Still 'serving-up' an expired certificate. $ openssl s_client -showcerts -starttls ftp -connect ftp.guysalias.tk:21 | \ openssl x509 -dates -subject -noout -fingerprint -md5 -nameopt multiline Loading 'screen' into random state - done depth=0 C = US, ST = Unknown, L = Unknown, O = Unknown, OU = Unknown, \ CN = johnny.heliohost.org, emailAddress = ssl@johnny.heliohost.org verify error:num=18:self signed certificate verify return:1 depth=0 C = US, ST = Unknown, L = Unknown, O = Unknown, OU = Unknown, \ CN = johnny.heliohost.org, emailAddress = ssl@johnny.heliohost.org verify error:num=10:certificate has expired notAfter=May 5 16:56:13 2013 GMT verify return:1 depth=0 C = US, ST = Unknown, L = Unknown, O = Unknown, OU = Unknown, \ CN = johnny.heliohost.org, emailAddress = ssl@johnny.heliohost.org notAfter=May 5 16:56:13 2013 GMT verify return:1 220 You will be disconnected after 2 minutes of inactivity. notBefore=May 5 16:56:13 2012 GMT notAfter=May 5 16:56:13 2013 GMT subject= countryName = US stateOrProvinceName = Unknown localityName = Unknown organizationName = Unknown organizationalUnitName = Unknown commonName = johnny.heliohost.org emailAddress = ssl@johnny.heliohost.org MD5 Fingerprint=5E:06:7B:DC:86:6D:4E:3A:D2:47:E5:C0:8E:A7:BF:2F quit $ now Wed Jun 12 13:12:11 2013 $
Krydos Posted June 13, 2013 Posted June 13, 2013 This is what I'm seeing: Ftp Server Issuer: C=US, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=johnny.heliohost.org/emailAddress=ssl@johnny.heliohost.org Not Before: Jun 8 03:10:01 2013 GMT Not After: Jun 8 03:10:01 2014 GMT Subject: C=US, ST=Unknown, L=Unknown, O=Unknown, OU=Unknown, CN=johnny.heliohost.org/emailAddress=ssl@johnny.heliohost.org Self Signed: YES What process are you using to get what you posted? Using the command at the start of your code snippet openssl s_client -showcerts -starttls ftp -connect ftp.guysalias.tk:21|openssl x509 -dates -subject -noout -fingerprint -md5 -nameopt multiline I get this result: depth=0 /C=US/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=johnny.heliohost.org/emailAddress=ssl@johnny.heliohost.org verify error:num=18:self signed certificate verify return:1 depth=0 /C=US/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=johnny.heliohost.org/emailAddress=ssl@johnny.heliohost.org verify return:1 220 You will be disconnected after 2 minutes of inactivity. notBefore=Jun 8 03:10:01 2013 GMT notAfter=Jun 8 03:10:01 2014 GMT 1
Recommended Posts