Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 345 other subscribers

My Favourites

Slackware

Calendar

December 2017
M T W T F S S
« Nov    
 123
45678910
11121314151617
18192021222324
25262728293031

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

RSS Slackware64-current

Meta

Alien Pastures is moving soon

The URL for my blog is going to change.

I need to have full control over my content. At this moment I do not own the server my blog is running on, and I do not own the domain.
To prevent running into weird situations down the road – for whatever reasons – the blog will move from its current location to https://blog.alienbase.nl/ soon.
I will of course configure an automatic redirect from the current to the new URL to ease the transition.

The current url (alien.slackbook.org/blog) may not be available forever after the migration, so it is best is if you already bookmark the new URL – a placeholder page is waiting there.

If your browser complains about not trusting the CaCert organization then follow the steps outlined in a previous article “adding CaCert root certificates to your Slackware” to silence these warnings.

Comments

Comment from John
Posted: November 18, 2017 at 01:53

Bookmarked already! Gratz on taking control

Not sure for how long it will be just a placeholder but to let you know: Chrome blocked my connection at first saying it wasn’t secure. I added it as an exception.

I checked the page source and since the landing page is “https” the reason for the chrome blocking could only be that “http” avatar image.

Comment from Willy Sudiarto Raharjo
Posted: November 18, 2017 at 03:30

Hi Eric

It seems the cert is not yet configured properly as i still get invalid message when i visited the website using my phone.

Or is it because of the same cacert used for the cert?

Comment from alienbob
Posted: November 18, 2017 at 12:11

The ‘not secure’ messages were caused by HTTP URLS used for the two images on the page. I changed those to HTTPS and the messages are gone.

This blog site will indeed use a CaCert certificate. I refuse to bow for the big browser companies that won’t recognize CaCert and create their own LetsEncrypt instead, to dominate the free world.

Comment from Brad Reed
Posted: November 18, 2017 at 17:18

I’m getting in Firefox 55:

blog.alienbase.nl uses an invalid security certificate. The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.

I’ll try again after upgrading my firefox to -current.

Comment from alienbob
Posted: November 18, 2017 at 19:12

Brad, my Firefox 56 on this laptop and Firefox 17.0.11esr on my server both do not complain (although the server Firefox does not recognize the CaCert certificate authority).
Do you have an application that proxies your internet connection? Some antivirus programs filter all your internet traffic and that is where the error may come from (if that program does not recognize the encryption used for the certificate).

Comment from Brian Lawrence
Posted: November 19, 2017 at 00:16

Followed the instructions for adding CaCert certificates, and everything is OK here.

Comment from AJ
Posted: November 19, 2017 at 08:15

I’m running Firefox 52.5.0 on Slackware 14.2, with no proxy. It refuses to go to the page, labelling it insecure. This is what the “advanced” information supplies:

blog.alienbase.nl uses an invalid security certificate.

The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.

Error code: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED

Comment from alienbob
Posted: November 19, 2017 at 12:28

AJ please check the details of the ssl certificate which is being presented to your browser. It should be the certificate for “blog.alienbase.nl” which is signed by “CA Cert Signing Authority”. Both mine and the CACert certificate have been signed using SHA256 which is a secure methood (not like SHA1 which has been deprecated because it is insecure).
I have not found any browser here (Slackware and MS Windows were tested) that complain about the certificate.

I t is still possible that your Internet traffic is being proxied – perhaps not by you but by your ISP – and that a different SSL certificate is being presented to you. Other options may be that your computer’s time is out of sync, or that you spoof your browser’s UserAgent so that the blog server determines it should change its security settings.

My Chrome broiwser tells me this about the connection: encrypted with “TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2”.

Comment from Willy Sudiarto Raharjo
Posted: November 19, 2017 at 17:02

I got the same issue with the other

https://blog.alienbase.nl/

The certificate was signed using a signature algorithm that is disabled because it is not secure.

HTTP Strict Transport Security: false
HTTP Public Key Pinning: false

Certificate chain:

Comment from Willy Sudiarto Raharjo
Posted: November 19, 2017 at 17:45

I re-add the CaCert keys again (i’m pretty sure i have done this before) and now it works fine on Firefox.

Comment from Drag
Posted: November 19, 2017 at 20:07

Hey Eric.

Can you make a refresh iso of slackware live with cinnamon flavor ? Thanks

Comment from alienbob
Posted: November 20, 2017 at 00:27

Drag your question bears no relevance to the above article. I will answer but please post on-topic only.
I will not generate further Cinnamon-flavored Live ISO’s simply because my server does not have the disk space left to store it.

Comment from Jen
Posted: November 20, 2017 at 21:24

No problems with the certificate on chrome 62. I had to restart chrome for it to start working, though.

Comment from Brad Reed
Posted: November 25, 2017 at 23:24

I imported the CAcert keys into my firefox and all is fine now.

Write a comment