<html><head></head><body>
<p>Hi Tobias,</p>
<p>If the CI server could load the following config maps, you can
access rootCerts in the SSLCertificateStore, when the CI server is
running your tests. <br/>
</p>
<p><b>NOTE: </b>I would really like to see the Cryptography and
ParrotTalk packages in the auto-testing regimen!<br/>
</p>
<p>"Load Cryptography, Tests, ThunkStack, ParrotTalk. & SSL"<br/>
Installer ss<br/>
project: 'Cryptography'; install: 'ProCrypto-1-1-1';<br/>
project: 'Cryptography'; install: 'ProCryptoTests-1-1-1';<br/>
project: 'Cryptography'; install: 'SSLLoader'.<br/>
</p>
<p>"The loading of the SSL package is what loaded the
SSLCertificateStore. Please explore the result and see roiot
certificates."<br/>
SSLCertificateStore new.</p>
<p>There are a couple of certs read in, surely one of them would
meet your needs.</p>
<p>Kindly,<br/>
Robert<br/>
</p>
<div class="moz-cite-prefix">On 5/19/20 1:01 PM, Tobias Pape wrote:<br/>
</div>
<blockquote type="cite" cite="mid:5AAA0191-C057-4E06-89BE-09545F85308B@gmx.de">
<pre class="moz-quote-pre" wrap="">
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">On 19.05.2020, at 01:45, tim Rowledge <a class="moz-txt-link-rfc2396E" href="mailto:tim@rowledge.org"><tim@rowledge.org></a> wrote:
Follow up info just for the record - my sysadmin was able to correctly (re)install the certificate so we now get an 'A' report from ssllabs.com and the cURL etc checks all work. Thanks for the suggestions!
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">Cool!
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">As an aside, Squeak 5.3-19435 running on the 20200429xxxxx ARMv6linux VM still fails the SSL test, but I think we established that the certificate included in the image for testing is a bit out of date?
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">It is. But it already was when Andreas poured its contents into the image…
so it may be on purpose?
What's the remedy?
A long-term self-singed cert? This is only marginally better to test whether certificate checking works and no better to test whether TLS-encryption works :)
Best regards
-Tobias
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap=""></pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">On 2020-05-12, at 10:34 AM, tim Rowledge <a class="moz-txt-link-rfc2396E" href="mailto:tim@rowledge.org"><tim@rowledge.org></a> wrote:
Thank you *very* much to Tobias and Levente for explaining this. At least it isn't just something I screwed up, so that makes me feel a bit less stupid. The connection has been working ok until recently though, which I suspect means somebody has been Fiddling With The Server. Hands may get slapped.
I thought I knew more about these certificate things than I ever wanted; now I know I know nothing. Which is *still* more than I ever wanted :-)
tim
--
tim Rowledge; <a class="moz-txt-link-abbreviated" href="mailto:tim@rowledge.org">tim@rowledge.org</a>; <a class="moz-txt-link-freetext" href="http://www.rowledge.org/tim">http://www.rowledge.org/tim</a>
Useful random insult:- Can easily be confused with facts.
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">
tim
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Kindly,
Robert</pre>
</body></html>