Testing phase for let's encrypt certificate

Announcements and Communications
1

Hello, we participated last year to the closed testing phase of Let’s encrypt, it was pretty convincing :smile:
Now it’s still in public beta phase but our paid certificate (by Gandi) expire in March.

So to save the cost of a year wildcard certificate, we’d like to switch to let’s encrypt.

Please can you test if you see anything wrong here https://www.openmandriva.org

(you should see that the certificate is provided by let’s encrypt by putting the cursor over the green locker- there should be one if all is ok - at the left of url bar)

Note that all other subdomains are still encrypted with Gandi’s certificate, so only test www.

Please test in as much conditions as possible, with several browsers if you have, desktop, mobile OS, even exotic or semi-exotic (Sailfish OS, Opera mobile, lynx…) so that we can avoid big surprise that forces us to revert after a full migration. :man_with_gua_pi_mao: Don’t hesitate to spread in partner forums and bring feedback if you can/want to.

Thanks :smile:

1 Like
2

desktop linux omv 2014.2 chromium
good

7.png1280×1024 371 KB

1 Like
3

Gandi.png776×425 212 KB

Just tested. February 26, 16:09 GMT.

1 Like
4

windows 10

firefox: good

edge: I don’t know :unamused: I just see “DST Root CA x3 a identifié le site comme \www.openmandriva.org

1 Like
5

Android phone
Firefox beta : good

1 Like
6

@sirius strange you still have Gandi as third party… Maybe you should close and restart Firefox?

7

@jojodu34 at least, with edge, there is no error message? I mean something that could frighten users…

8

yes no error message

1 Like
9

Great :slight_smile: It seems we’ll be able to migrate flawlessly then!

10

@Sirius , empty the cache, and reload the page with pressed ctrl key

11

I emptied the cache. Then reloaded the page, using Ctrl+Enter and Ctrl+F5 (F5=reload). I still don’t close and restart FF.

Still says Gandi.

Addendum:

Closed and restarted FF. Still Gandi.

After the restart, Ctrl+Enter and Ctrl+F5. Still Gandi.

Maybe a cache in my ISP?

Clearing the certificates?

12

Can you try this:

Tools > Clear Private Data and only put a checkmark before Authenticated Sessions → Clear Now

from How to clear ssl cache - mozillaZine Forums

13

Actual FF doesn’t have “Clear Private Data” in Tools menu. At least I can’t find it.
Page you wrote is from year 2006.
I didn’t find it under Edit-Preferences either.

14

Oops :slight_smile:

15

firefox seems capricious in its key management. I do not always manage to bring up “verified by let’s Encrypt” (because only root is encrypted I think).
But each time the cache was empty and I had to reload the page several times

8.png1280×1024 489 KB

16

What is weird is the difference of behaviour with @Sirius 's environment :confused:

I have tried with Safari on iOS (iPhone) and it works (at least no error message, since i did not find how to get certificate infbrmations)

17

Firefox in ROSA Desktop

Firefox in OMLx3

letsencrypt_04r.png779×468 105 KB

18

Firefox is a hell with its cache… :angry:

To clear cache in Firefox:

3-bars menu (somebody call it “hamburger menu” :smile: )
preferences
privacy
History > You may want to clear your recent history > Everything > Clear Now

To view certificate:

right click on the page
view page info > security > view certificate

letsencrypt_05.png1280×800 261 KB

19

hem, it’s for history :wink:

for cache you have to go in advanced (translate from French)

20

Thank you.
I’ve repeated the steps above, here it seems I didn’t miss anything…
This advanced step, when/where did you meet?