emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed
* [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
@ 2022-06-18  7:17 Ihor Radchenko
  2022-06-18  8:33 ` Bastien Guerry
  0 siblings, 1 reply; 11+ messages in thread
From: Ihor Radchenko @ 2022-06-18  7:17 UTC (permalink / raw)
  To: emacs-orgmode, Bastien

Certificate for list.orgmode.org appears to be expired:
My browser is giving me ERR_CERT_DATE_INVALID

Best,
Ihor


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18  7:17 [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/ Ihor Radchenko
@ 2022-06-18  8:33 ` Bastien Guerry
  2022-06-18  8:38   ` Ihor Radchenko
                     ` (3 more replies)
  0 siblings, 4 replies; 11+ messages in thread
From: Bastien Guerry @ 2022-06-18  8:33 UTC (permalink / raw)
  To: Ihor Radchenko, Kyle Meyer; +Cc: emacs-orgmode

Ihor Radchenko <yantar92@gmail.com> writes:

> Certificate for list.orgmode.org appears to be expired:
> My browser is giving me ERR_CERT_DATE_INVALID

There is a CNAME record (handled by digitalocean.com) making the
"list.orgmode.org" domain name an alias for "orgmode.yhetil.org",
hosted by Kyle, which works fine.

On the nginx config, there is:

  server {
      server_name orgmode.org;
      listen 443 ssl; # managed by Certbot
      ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
      include /etc/letsencrypt/options-ssl-nginx.conf;
      ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
      rewrite ^/list/(.*) https://list.orgmode.org/$1 permanent;
  }
  
The last line rewrites requests like

  https://orgmode.org/list/875ynnojvf.fsf@localhost

to 

  https://list.orgmode.org/875ynnojvf.fsf@localhost 

which is supposed to be handled by the CNAME alias.

This is the configuration that used to work so far, I don't understand
why it doesn't work anymore as I didn't change anything.  Certificates
for orgmode.org and yhetil.org are OK.

Kyle, do you have any clue?

-- 
 Bastien


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18  8:33 ` Bastien Guerry
@ 2022-06-18  8:38   ` Ihor Radchenko
  2022-06-18 11:41     ` Bastien
  2022-06-18  9:46   ` [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/ Ihor Radchenko
                     ` (2 subsequent siblings)
  3 siblings, 1 reply; 11+ messages in thread
From: Ihor Radchenko @ 2022-06-18  8:38 UTC (permalink / raw)
  To: Bastien Guerry; +Cc: Kyle Meyer, emacs-orgmode

Bastien Guerry <bzg@gnu.org> writes:

>       rewrite ^/list/(.*) https://list.orgmode.org/$1 permanent;

Side note: Regexp here is probably the reason why
https://orgmode.org/list (without trailing slash) gives 404.

Best,
Ihor
 


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18  8:33 ` Bastien Guerry
  2022-06-18  8:38   ` Ihor Radchenko
@ 2022-06-18  9:46   ` Ihor Radchenko
  2022-06-18 10:25   ` Max Nikulin
  2022-06-18 14:08   ` Kyle Meyer
  3 siblings, 0 replies; 11+ messages in thread
From: Ihor Radchenko @ 2022-06-18  9:46 UTC (permalink / raw)
  To: Bastien Guerry; +Cc: Kyle Meyer, emacs-orgmode

Bastien Guerry <bzg@gnu.org> writes:

> Ihor Radchenko <yantar92@gmail.com> writes:
>
>> Certificate for list.orgmode.org appears to be expired:
>> My browser is giving me ERR_CERT_DATE_INVALID
>
> There is a CNAME record (handled by digitalocean.com) making the
> "list.orgmode.org" domain name an alias for "orgmode.yhetil.org",
> hosted by Kyle, which works fine.
> ...
> This is the configuration that used to work so far, I don't understand
> why it doesn't work anymore as I didn't change anything.  Certificates
> for orgmode.org and yhetil.org are OK.

I am not 100% sure if it is relevant, but
https://stackoverflow.com/questions/9935229/cname-ssl-certificates
appears to say that list.orgmode.org should also have a valid
certificate.

Looking at the certificate of list.orgmode.org, I see the following:

Common Name list.orgmode.org
 ...
 Validity
 Not Before Sun, 20 Mar 2022 05:49:24 GMT
 Not After Sat, 18 Jun 2022 05:49:23 GMT
 ...
 SHA-1 7E:25:A8:B5:1A:DE:BF:67:F8:DD:22:C1:1B:E5:ED:7E:50:D0:D5:38

 Clearly, the certificate for list.orgmode.org expired today.

 Best,
 Ihor


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18  8:33 ` Bastien Guerry
  2022-06-18  8:38   ` Ihor Radchenko
  2022-06-18  9:46   ` [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/ Ihor Radchenko
@ 2022-06-18 10:25   ` Max Nikulin
  2022-06-18 14:08   ` Kyle Meyer
  3 siblings, 0 replies; 11+ messages in thread
From: Max Nikulin @ 2022-06-18 10:25 UTC (permalink / raw)
  To: emacs-orgmode

On 18/06/2022 15:33, Bastien Guerry wrote:
> Ihor Radchenko writes:
> 
> The last line rewrites requests like
>    https://orgmode.org/list/875ynnojvf.fsf@localhost
> to
>    https://list.orgmode.org/875ynnojvf.fsf@localhost
> which is supposed to be handled by the CNAME alias.
> 
> This is the configuration that used to work so far, I don't understand
> why it doesn't work anymore as I didn't change anything.  Certificates
> for orgmode.org and yhetil.org are OK.

orgmode.yhetil.org, list.orgmode.org and yhetil.org sites have 
independent TLS certificates each one for 1 hostname.

Unless certificate for yhetil.org is renewed, it will have the same 
problem a week later.



^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18  8:38   ` Ihor Radchenko
@ 2022-06-18 11:41     ` Bastien
  2022-06-18 12:50       ` Mastodon link type for capturing toots? Christian Moe
  0 siblings, 1 reply; 11+ messages in thread
From: Bastien @ 2022-06-18 11:41 UTC (permalink / raw)
  To: Ihor Radchenko; +Cc: Kyle Meyer, emacs-orgmode

Ihor Radchenko <yantar92@gmail.com> writes:

> Side note: Regexp here is probably the reason why
> https://orgmode.org/list (without trailing slash) gives 404.

This should be fixed.

-- 
 Bastien


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Mastodon link type for capturing toots?
  2022-06-18 11:41     ` Bastien
@ 2022-06-18 12:50       ` Christian Moe
  2022-06-20 12:56         ` Ihor Radchenko
  0 siblings, 1 reply; 11+ messages in thread
From: Christian Moe @ 2022-06-18 12:50 UTC (permalink / raw)
  To: emacs-orgmode


Hi,

Has anyone written a link type for Mastodon that would allow you to
org-capture the post/status ("toot") at point?

I'm referring to mastodon.el
(https://codeberg.org/martianh/mastodon.el), which is available via
install-packages.

Yours,
Christian


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18  8:33 ` Bastien Guerry
                     ` (2 preceding siblings ...)
  2022-06-18 10:25   ` Max Nikulin
@ 2022-06-18 14:08   ` Kyle Meyer
  2022-06-18 14:11     ` Bastien
  3 siblings, 1 reply; 11+ messages in thread
From: Kyle Meyer @ 2022-06-18 14:08 UTC (permalink / raw)
  To: Bastien Guerry; +Cc: Ihor Radchenko, emacs-orgmode

Bastien Guerry writes:

> Kyle, do you have any clue?

Yes.  The SSL certs on my end are wired up to be automatically
refreshed.  In order for them to be in effect, though, I need to
manually restart nginx.  There's probably a better way to handle this,
but I just have a reminder.

Anyway, based on how the expiration dates for various domains line up,
it's usually okay if I don't act on that for a day or two, but in this
case it bumped right against the list.orgmode.org expiration.

Sorry about that (but you can't get your money back :>)


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/
  2022-06-18 14:08   ` Kyle Meyer
@ 2022-06-18 14:11     ` Bastien
  0 siblings, 0 replies; 11+ messages in thread
From: Bastien @ 2022-06-18 14:11 UTC (permalink / raw)
  To: Kyle Meyer; +Cc: Ihor Radchenko, emacs-orgmode

Hi Kyle,

Kyle Meyer <kyle@kyleam.com> writes:

> Anyway, based on how the expiration dates for various domains line up,
> it's usually okay if I don't act on that for a day or two, but in this
> case it bumped right against the list.orgmode.org expiration.

Great certificates expire alike :)

> Sorry about that (but you can't get your money back :>)

Thanks for restarting the server - I took this opportunity to refresh
the list of certificates for *.orgmode.org, we shall be all set until
Sept. 16th.

-- 
 Bastien


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: Mastodon link type for capturing toots?
  2022-06-18 12:50       ` Mastodon link type for capturing toots? Christian Moe
@ 2022-06-20 12:56         ` Ihor Radchenko
  2022-06-21 11:07           ` Christian Moe
  0 siblings, 1 reply; 11+ messages in thread
From: Ihor Radchenko @ 2022-06-20 12:56 UTC (permalink / raw)
  To: Christian Moe; +Cc: emacs-orgmode

Christian Moe <mail@christianmoe.com> writes:

> Has anyone written a link type for Mastodon that would allow you to
> org-capture the post/status ("toot") at point?
>
> I'm referring to mastodon.el
> (https://codeberg.org/martianh/mastodon.el), which is available via
> install-packages.

No AFAIK. But it is very easy to define new link types in Org. You can
do it yourself. See A.3 Adding Hyperlink Types section of the manual.

Best,
Ihor


^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: Mastodon link type for capturing toots?
  2022-06-20 12:56         ` Ihor Radchenko
@ 2022-06-21 11:07           ` Christian Moe
  0 siblings, 0 replies; 11+ messages in thread
From: Christian Moe @ 2022-06-21 11:07 UTC (permalink / raw)
  To: Ihor Radchenko; +Cc: emacs-orgmode


Yes, I probably will write my own (and share it here). Just wanted to
check first if the wheel had already been invented, as I'm feeling
lazy. Thanks for confirming it probably hasn't.

Yours,
Christian

Ihor Radchenko writes:

> Christian Moe <mail@christianmoe.com> writes:
>
>> Has anyone written a link type for Mastodon that would allow you to
>> org-capture the post/status ("toot") at point?
>>
>> I'm referring to mastodon.el
>> (https://codeberg.org/martianh/mastodon.el), which is available via
>> install-packages.
>
> No AFAIK. But it is very easy to define new link types in Org. You can
> do it yourself. See A.3 Adding Hyperlink Types section of the manual.
>
> Best,
> Ihor


^ permalink raw reply	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2022-06-21 11:08 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-18  7:17 [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/ Ihor Radchenko
2022-06-18  8:33 ` Bastien Guerry
2022-06-18  8:38   ` Ihor Radchenko
2022-06-18 11:41     ` Bastien
2022-06-18 12:50       ` Mastodon link type for capturing toots? Christian Moe
2022-06-20 12:56         ` Ihor Radchenko
2022-06-21 11:07           ` Christian Moe
2022-06-18  9:46   ` [BUG] ERR_CERT_DATE_INVALID for https://list.orgmode.org/ Ihor Radchenko
2022-06-18 10:25   ` Max Nikulin
2022-06-18 14:08   ` Kyle Meyer
2022-06-18 14:11     ` Bastien

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).