View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006026 | unreal | ircd | public | 2021-12-18 22:40 | 2021-12-25 08:51 |
| Reporter | Manuelchen | Assigned To | syzop | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | no change required | ||
| Product Version | 6.0.0 | ||||
| Summary | 0006026: SSL / TLS certificates invalid | ||||
| Description | The SSL / TLS certificates are displayed as invalid in Unrealircd 6, as this also affects the IRC server of irc.unrealircd.org. this is a bug. | ||||
| 3rd party modules | |||||
|
|
You did not show us any actual error message so there's no way to investigate it. However, please verify this is not a DST Root CA X3 problem (described here: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ ). If so, it's a client issue. |
|
|
That has nothing to do with it, as I said, the problem is also on irc.unrealircd.org and I've known about the article for a while. It's a bug in Unrealircd 6 |
|
|
Manuelchen, I think the problem is on your client side. Nothing wrong with certificate. $ openssl s_client -showcerts -servername irc.unrealircd.org -connect irc.unrealircd.org:6697 |
|
|
Summary Unable to get local issuer certificate Issuer Organization: Let's Encrypt Host: R3 Country: US Subject Host: irc.unrealircd.org Dns: irc.unrealircd.org, irc2.unrealircd.org Valid from 30/11/2021 to 28/02/2022 It's a bug in Unrealircd 6! With an IRC server with Unrealircd 5 I "don't" have the problem. |
|
|
This is unrelated to UnrealIRCd 5 or UnrealIRCd 6, as others pointed out. We use the R3 chain at UnrealIRCd, the "alternate chain", the more modern one. If your client doesn't have it in their CA list then it won't see it as a trusted CA and raise a warning. See https://community.letsencrypt.org/t/long-default-and-short-alternate-certificate-chains-explained/162526 and other let's encrypt articles. Again, nothing UnrealIRCd 6 related, we have this since October when we were still on U5. It's configured through certbot and other ACME clients. Not UnrealIRCd. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-12-18 22:40 | Manuelchen | New Issue | |
| 2021-12-19 07:40 | k4be | Note Added: 0022252 | |
| 2021-12-19 10:20 | Manuelchen | Note Added: 0022254 | |
| 2021-12-20 19:07 | rafaelgrether | Note Added: 0022269 | |
| 2021-12-20 19:21 | Manuelchen | Note Added: 0022270 | |
| 2021-12-25 08:51 | syzop | Assigned To | => syzop |
| 2021-12-25 08:51 | syzop | Status | new => closed |
| 2021-12-25 08:51 | syzop | Resolution | open => no change required |
| 2021-12-25 08:51 | syzop | Note Added: 0022295 |
