bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mozilla's Security Warning for Link For Maintainer's "Bash Page" Lin


From: Ángel
Subject: Re: Mozilla's Security Warning for Link For Maintainer's "Bash Page" Link ......
Date: Thu, 09 May 2019 23:31:04 +0200

On 2019-05-05 at 16:22 +0000, Harvey Rothenberg wrote:
> To Whom It May Concern,  
> 
> I'm receiving a " Warning :  Potential Security Rick Ahead " by my use of 
> FireFox on my Xubuntu 18.04 Laptop (see screenshot below).  
> 
> 

Thanks Harvey

I also receive this error. Seems the webmaster of tiswww.case.edu missed
including the intermediate certificate. YMMV, as your browser may have
the intermediate cached from visiting other sites, but this *is*
misconfigured. See the results at 
https://www.ssllabs.com/ssltest/analyze.html?d=tiswww.case.edu

As they are using Apache (assuming it is doing the TLS termination) this
would involve the directive SSLCertificateChainFile, SSLCertificateFile
or SSLCACertificateFile, depending on the exact version and personal
preferences.

Additionally, the linked Qualys tool detected that this server is
vulnerable to ROBOT, so perhaps there is an outdated appliance doing the
TLS termination in front of the web server.


Chet, can you forward this to the case.edu people administrating that
server?


Kind regards




reply via email to

[Prev in Thread] Current Thread [Next in Thread]