Dev.openwrt.org certificate revoked

rtau · April 12, 2018, 2:38pm

When I visit https://dev.openwrt.org, the browser (chrome on Android) shows that the certificate is revoked. Is it still relevant?

https://www.ssllabs.com/ssltest/analyze.html?d=dev.openwrt.org

lleachii · April 12, 2018, 4:00pm

This is because the root certificate (WoSign CA Free SSL Certificate G2) was removed from these browsers.

See: https://blog.qualys.com/ssllabs/2017/04/05/ssl-labs-distrusts-wosign-and-startcom-certificates

https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/

https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/k9PBmyLCi8I[1-25]

rtau · April 12, 2018, 4:31pm

Yup, but seems it lost the love from openwrt (and lede) community... Does anyone know the plan to revive it or would just let it die?

slh · April 12, 2018, 4:53pm

In all likelyness, the only 'fix' you may get to see for this issue is shutting down the old trac instance alltogether, it hasn't been used by the developers for over two years by now.

rtau · April 13, 2018, 12:56am

That's the answer I need as I'm not sure if that's still being used or not.

I could still see some links to it from the wiki: https://openwrt.org/start?do=search&id="dev.openwrt.org" which maybe better update them to refer to the current location or have a notice to the current status of dev.openwrt.org

jeff · April 13, 2018, 2:21am

There are quite a few references in the wiki to content on dev.openwrt.org. Getting it up and running with Let's Encrypt or the like would be a benefit.

jeff · May 1, 2018, 8:02pm

Still a problem, with valuable information hidden from view

Just posted, for example

hnyman · May 1, 2018, 8:09pm

Depends on your browser if you see the contents.
(I use Firefox and have probably set a security exception for the site, as I see the contents ok.)

But the whole old dev site is pretty much dormant, so I doubt if somebody would fix the certificate.

The site has mostly value for dinosaurs like me, who remember seeing there a discussion/problem/solution for something.

jeff · May 1, 2018, 8:16pm

Count me in as a "dinosaur" as well. Ancient history often provides a clearer view of current events.

Server: nginx/1.1.19 so should be able to configure certbot and a cron job and be done with it.

rtau · May 4, 2018, 1:34am

If there exists dinosaurs find it useful, may I know who should we contact to get it fixed?

jow · May 11, 2018, 10:49am

http://lists.infradead.org/pipermail/lede-adm/2018-May/000788.html