[squeak-dev] SSL/Socket error code interpretationRobert robert.withers at pm.meTue May 19 18:32:36 UTC 2020
Oh yes, the SSLCertificateStore has zero dependency on SSL and could be moved to ProCrypto K, r On 5/19/20 2:29 PM, Robert wrote: > Hi Tobias, > > If the CI server could load the following config maps, you can access rootCerts in the SSLCertificateStore, when the CI server is running your tests. > > NOTE: I would really like to see the Cryptography and ParrotTalk packages in the auto-testing regimen! > > "Load Cryptography, Tests, ThunkStack, ParrotTalk. & SSL" > Installer ss > project: 'Cryptography'; install: 'ProCrypto-1-1-1'; > project: 'Cryptography'; install: 'ProCryptoTests-1-1-1'; > project: 'Cryptography'; install: 'SSLLoader'. > > "The loading of the SSL package is what loaded the SSLCertificateStore. Please explore the result and see roiot certificates." > SSLCertificateStore new. > > There are a couple of certs read in, surely one of them would meet your needs. > > Kindly, > Robert > > On 5/19/20 1:01 PM, Tobias Pape wrote: > >>> On 19.05.2020, at 01:45, tim Rowledge >>> [<tim at rowledge.org>](mailto:tim at rowledge.org) >>> wrote: >>> >>> Follow up info just for the record - my sysadmin was able to correctly (re)install the certificate so we now get an 'A' report from ssllabs.com and the cURL etc checks all work. Thanks for the suggestions! >> >> Cool! >> >>> As an aside, Squeak 5.3-19435 running on the 20200429xxxxx ARMv6linux VM still fails the SSL test, but I think we established that the certificate included in the image for testing is a bit out of date? >> >> It is. But it already was when Andreas poured its contents into the imageā¦ >> so it may be on purpose? >> >> What's the remedy? >> A long-term self-singed cert? This is only marginally better to test whether certificate checking works and no better to test whether TLS-encryption works :) >> >> Best regards >> -Tobias >> >>>> On 2020-05-12, at 10:34 AM, tim Rowledge >>>> [<tim at rowledge.org>](mailto:tim at rowledge.org) >>>> wrote: >>>> >>>> Thank you *very* much to Tobias and Levente for explaining this. At least it isn't just something I screwed up, so that makes me feel a bit less stupid. The connection has been working ok until recently though, which I suspect means somebody has been Fiddling With The Server. Hands may get slapped. >>>> >>>> I thought I knew more about these certificate things than I ever wanted; now I know I know nothing. Which is *still* more than I ever wanted :-) >>>> >>>> tim >>>> -- >>>> tim Rowledge; >>>> tim at rowledge.org >>>> ; >>>> http://www.rowledge.org/tim >>>> Useful random insult:- Can easily be confused with facts. >>> >>> tim > > -- > Kindly, > Robert -- Kindly, Robert -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20200519/9b9cd7ff/attachment.html>
More information about the Squeak-dev mailing list |