#17668 closed enhancement (fixed)
terinfo.ujbuda.hu uses TLS certificate not supported by JOSM yet
| Reported by: | stoecker | Owned by: | Don-vip |
|---|---|---|---|
| Priority: | normal | Milestone: | 19.05 |
| Component: | Core | Version: | |
| Keywords: | Cc: | BathoryPeter, Don-vip |
Description
Seems they now support TLS properly, but they use a Java-incompatible certificate and also an incomplete certifcate path.
Attachments (0)
Change History (12)
comment:2 by , 6 years ago
Ah sorry. Either SSLLabs changed the display or I never got it right before. We still need to add the "Microsec e-Szigno Root CA 2009" in case they fix the chain.
follow-up: 4 comment:3 by , 5 years ago
(Came from the irc->matrix bridged room on a random search for Hungary ;))
I see that on the hungarian osm list pepole already tried and failed to notify them, but I'll try again.
comment:6 by , 5 years ago
@Vincent:
Can you add the "Microsec e-Szigno Root CA 2009", Fingerprint SHA256: 3c5f81fea5fab82c64bfa2eaecafcde8e077fc8620a7cae537163df36edbf378 Pin SHA256: YWFnIBQzrqbI5eMHCvyvZ0kYj4FL0auxea6NrTq/Juw= to the Windows CertStore expansion mechanism?
comment:9 by , 5 years ago
I see a warning Certificate not found for alias '[Microsec e-Szigno Root CA 2009]' but found for alias 'MicroSec e-Szigno Root CA 2009'. MicroSec <> Microsec. What does that mean?
2019-05-30 10:21:04.276 FINE: System property 'java.protocol.handler.pkgs' set to 'org.openstreetmap.josm.io.protocols'. Old value was 'null'
2019-05-30 10:21:04.551 FINE: Adding certificate for TLS connections: CN=Staat der Nederlanden Root CA - G2,O=Staat der Nederlanden,C=NL
2019-05-30 10:21:04.586 FINE: Adding certificate for TLS connections: CN=Staat der Nederlanden Root CA - G3,O=Staat der Nederlanden,C=NL
2019-05-30 10:21:04.622 FINE: Adding certificate for TLS connections: CN=Certigna,O=Dhimyotis,C=FR
2019-05-30 10:21:04.661 FINE: Adding certificate for TLS connections: CN=CA Disig Root R2,O=Disig a.s.,L=Bratislava,C=SK
2019-05-30 10:21:04.697 FINE: Adding certificate for TLS connections: O=Government Root Certification Authority,C=TW
2019-05-30 10:21:04.732 FINE: powershell -Command [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[System.Net.WebRequest]::Create('https://e-szigno.hu').GetResponse()
2019-05-30 10:21:05.532 WARNING: Certificate not found for alias '[Microsec e-Szigno Root CA 2009]' but found for alias 'MicroSec e-Szigno Root CA 2009'
2019-05-30 10:21:05.533 FINE: Adding certificate for TLS connections: 1.2.840.113549.1.9.1=#1610696e666f40652d737a69676e6f2e6875,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU
comment:12 by , 5 years ago
| Summary: | terinfo.ujbuda.hu usues TLS certificate not supported by JOSM yet → terinfo.ujbuda.hu uses TLS certificate not supported by JOSM yet |
|---|
Seems it should work when they complete the certificate chain and add the "e-Szigno SSL CA 2014" intermediate certificate.
Can someone contact them? Last time I tried I didn't get an answer.