[squeak-dev] SSL/Socket error code interpretationRobert robert.withers at pm.meTue May 19 18:29:56 UTC 2020
Hi Tobias,
If the CI server could load the following config maps, you can access rootCerts in the SSLCertificateStore, when the CI server is running your tests.
NOTE: I would really like to see the Cryptography and ParrotTalk packages in the auto-testing regimen!
"Load Cryptography, Tests, ThunkStack, ParrotTalk. & SSL"
Installer ss
project: 'Cryptography'; install: 'ProCrypto-1-1-1';
project: 'Cryptography'; install: 'ProCryptoTests-1-1-1';
project: 'Cryptography'; install: 'SSLLoader'.
"The loading of the SSL package is what loaded the SSLCertificateStore. Please explore the result and see roiot certificates."
SSLCertificateStore new.
There are a couple of certs read in, surely one of them would meet your needs.
Kindly,
Robert
On 5/19/20 1:01 PM, Tobias Pape wrote:
>> On 19.05.2020, at 01:45, tim Rowledge
>> [<tim at rowledge.org>](mailto:tim at rowledge.org)
>> wrote:
>>
>> Follow up info just for the record - my sysadmin was able to correctly (re)install the certificate so we now get an 'A' report from ssllabs.com and the cURL etc checks all work. Thanks for the suggestions!
>
> Cool!
>
>> As an aside, Squeak 5.3-19435 running on the 20200429xxxxx ARMv6linux VM still fails the SSL test, but I think we established that the certificate included in the image for testing is a bit out of date?
>
> It is. But it already was when Andreas poured its contents into the imageā¦
> so it may be on purpose?
>
> What's the remedy?
> A long-term self-singed cert? This is only marginally better to test whether certificate checking works and no better to test whether TLS-encryption works :)
>
> Best regards
> -Tobias
>
>>> On 2020-05-12, at 10:34 AM, tim Rowledge
>>> [<tim at rowledge.org>](mailto:tim at rowledge.org)
>>> wrote:
>>>
>>> Thank you *very* much to Tobias and Levente for explaining this. At least it isn't just something I screwed up, so that makes me feel a bit less stupid. The connection has been working ok until recently though, which I suspect means somebody has been Fiddling With The Server. Hands may get slapped.
>>>
>>> I thought I knew more about these certificate things than I ever wanted; now I know I know nothing. Which is *still* more than I ever wanted :-)
>>>
>>> tim
>>> --
>>> tim Rowledge;
>>> tim at rowledge.org
>>> ;
>>> http://www.rowledge.org/tim
>>> Useful random insult:- Can easily be confused with facts.
>>
>> tim
--
Kindly,
Robert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20200519/c6e538ed/attachment.html>
More information about the Squeak-dev mailing list |