[Twisted-Python] twistedmatrix.com TLS certificate

James Broadhead jamesbroadhead at gmail.com
Sun Mar 12 09:13:01 MDT 2017


Just ran into this. For interested parties, Chrome 58 is due to go stable
on Apr 25th [1]



[1] https://www.chromium.org/developers/calendar

On 7 March 2017 at 03:19, Glyph Lefkowitz <glyph at twistedmatrix.com> wrote:

>
> On Mar 6, 2017, at 12:16 AM, Cory Benfield <cory at lukasa.co.uk> wrote:
>
>
> On 6 Mar 2017, at 07:22, Tristan Seligmann <mithrandi at mithrandi.net>
> wrote:
>
> twistedmatrix.com's current certificate is issued by StartCom
> Certification Authority; for certificates issued by this CA prior to
> 2016-09-21, the domain must be on a Chrome whitelist for it to be accepted.
> As of Chrome 58.0.3026.3 (canary/dev channel only, currently, but
> eventually this will presumably be in a release version) twistedmatrix.com
> is no longer[1] on the whitelist, which means that twistedmatrix.com will
> issue a certificate error. Can we switch to another CA? (Let's Encrypt, for
> example; I hear somebody wrote a Twisted library for using that)
>
> I'm sending this to the general list in case anyone else has been
> scratching their head about why they're getting cert warnings.
>
>
> This is an extremely good idea.
>
>
> Yes please.
>
> This is the rare ops task that will actually be quite easy for someone to
> add in to Braid as a PR: https://github.com/twisted-infra/braid
>
> If you have a look at https://github.com/twisted-infra/braid/blob/master/
> services/t-web/twisted-web/ports you might be able to guess how such a
> thing would go...
>
> -glyph
>
>
> _______________________________________________
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20170312/08b1ba22/attachment-0002.html>


More information about the Twisted-Python mailing list