pixeldaemon@sh.itjust.works to Cybersecurity@sh.itjust.worksEnglish · 9 days agoWhy am I seeing this? How do I know if it is safe to accept?sh.itjust.worksimagemessage-square9fedilinkarrow-up112arrow-down10file-text
arrow-up112arrow-down1imageWhy am I seeing this? How do I know if it is safe to accept?sh.itjust.workspixeldaemon@sh.itjust.works to Cybersecurity@sh.itjust.worksEnglish · 9 days agomessage-square9fedilinkfile-text
minus-squareelmicha@feddit.orglinkfedilinkEnglisharrow-up3·9 days agoIt would be valid if it would be served by the XMPP server, but it is not: % openssl s_client -connect xmpp.jp:5222 </dev/null -starttls xmpp CONNECTED(00000003) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = E8 verify return:1 depth=0 CN = xmpp.jp verify error:num=10:certificate has expired notAfter=Jun 5 10:51:05 2026 GMT verify return:1 depth=0 CN = xmpp.jp notAfter=Jun 5 10:51:05 2026 GMT verify return:1 --- Certificate chain 0 s:CN = xmpp.jp i:C = US, O = Let's Encrypt, CN = E8 a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Mar 7 10:51:06 2026 GMT; NotAfter: Jun 5 10:51:05 2026 GMT ...
It would be valid if it would be served by the XMPP server, but it is not:
% openssl s_client -connect xmpp.jp:5222 </dev/null -starttls xmpp CONNECTED(00000003) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = E8 verify return:1 depth=0 CN = xmpp.jp verify error:num=10:certificate has expired notAfter=Jun 5 10:51:05 2026 GMT verify return:1 depth=0 CN = xmpp.jp notAfter=Jun 5 10:51:05 2026 GMT verify return:1 --- Certificate chain 0 s:CN = xmpp.jp i:C = US, O = Let's Encrypt, CN = E8 a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA384 v:NotBefore: Mar 7 10:51:06 2026 GMT; NotAfter: Jun 5 10:51:05 2026 GMT ...