https://jsdo.it/ のサーバー証明書が Apr 1 23:59:59 2019 GMT で失効したまま更新されてない模様
ひょっとしてメンテというか、既にサービス自体がきちんと運用されてないのだろうか?
2019-04-19: 追記
相変わらずサーバー証明書は expired のままなんだけど、ブラウザのアドレス欄に jsdo.it と入れると http://jsdo.it/ に繋がった。
ところが、ID 連携で認証通すと https://jsdo.it/ にリダイレクトされて、サーバー証明書エラーに引っかかる。
連携先の ID で logout しても駄目。
jsdo.it 側の cookie を削除すると、再び http://jsdo.it/ に入ることが出来た。
とりあえず、「お問い合わせ」で示されているメアドにご注進入をれてみたけど、
公式 blog の最終更新が July 16, 2016 8:35 AM とかいう状況。
$ echo|openssl s_client -connect jsdo.it:443 CONNECTED(00000003) depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root verify return:1 depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority verify return:1 depth=1 C = JP, ST = OSAKA, L = OSAKA, O = SecureCore, CN = SecureCore RSA DV CA verify return:1 depth=0 OU = Domain Control Validated, OU = CoreSSL DV, CN = jsdo.it verify error:num=10:certificate has expired notAfter=Apr 1 23:59:59 2019 GMT verify return:1 depth=0 OU = Domain Control Validated, OU = CoreSSL DV, CN = jsdo.it notAfter=Apr 1 23:59:59 2019 GMT verify return:1 --- Certificate chain 0 s:/OU=Domain Control Validated/OU=CoreSSL DV/CN=jsdo.it i:/C=JP/ST=OSAKA/L=OSAKA/O=SecureCore/CN=SecureCore RSA DV CA 1 s:/C=JP/ST=OSAKA/L=OSAKA/O=SecureCore/CN=SecureCore RSA DV CA i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority 2 s:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root --- Server certificate -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIQEKTDJB3+Ilgo/5WpP9TvNzANBgkqhkiG9w0BAQsFADBh MQswCQYDVQQGEwJKUDEOMAwGA1UECBMFT1NBS0ExDjAMBgNVBAcTBU9TQUtBMRMw EQYDVQQKEwpTZWN1cmVDb3JlMR0wGwYDVQQDExRTZWN1cmVDb3JlIFJTQSBEViBD QTAeFw0xODAyMjYwMDAwMDBaFw0xOTA0MDEyMzU5NTlaMEoxITAfBgNVBAsTGERv bWFpbiBDb250cm9sIFZhbGlkYXRlZDETMBEGA1UECxMKQ29yZVNTTCBEVjEQMA4G A1UEAxMHanNkby5pdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALsP EMCzWCh45oZxoCkkstTt7PAldu5KCP86eEORprHCOeVbO2oLbuu2Nezro7Lrw8tg eGBUSABfAedPuFLQJbYLtjyeC92oOApKEkEnXs0CWrjZwX9YZpcITeA4KH0GOCWJ ycJnAWVaUDTGuH/yWrBMx1mi0BNilkc2zimR0jFgKoJlCiCmps9TwtxsdfvvNz5B NnuWAXCnBc88JJlpEGH/KKB0v+EoprxLnYq2h5bT3+l90ZKESDwja6o8emIK6GPn gjFB+mojhG6Q+4Ogh3W6Q4qBQFE2yxunzk/xvkcoaFred/wlU4qGBkQUUBUqn7BP qa0nvmIkX7vyvbWG7l8CAwEAAaOCAbMwggGvMB8GA1UdIwQYMBaAFIey5tDf3wzj LZfSJAipUI8nC5BpMB0GA1UdDgQWBBS5DaPNeMP0Cq7V1zxnA9PkAx9tnTAOBgNV HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQICMjArMCkGCCsGAQUFBwIB Fh1odHRwczovL2Nwcy5zZWN1cmVjb3JlLWNhLmNvbTAIBgZngQwBAgEwQwYDVR0f BDwwOjA4oDagNIYyaHR0cDovL2NybC5zZWN1cmVjb3JlLWNhLmNvbS9TZWN1cmVD b3JlUlNBRFZDQS5jcmwweQYIKwYBBQUHAQEEbTBrMD4GCCsGAQUFBzAChjJodHRw Oi8vY3J0LnNlY3VyZWNvcmUtY2EuY29tL1NlY3VyZUNvcmVSU0FEVkNBLmNydDAp BggrBgEFBQcwAYYdaHR0cDovL29jc3Auc2VjdXJlY29yZS1jYS5jb20wHwYDVR0R BBgwFoIHanNkby5pdIILd3d3LmpzZG8uaXQwDQYJKoZIhvcNAQELBQADggEBABda WqjJYKnbq7Q+uuEuBefO8u5cRL5Y7syXpmgxKuBGQBhCRgSQ+J3jSprEz7BZgyJy uMINaRLkTWOZSjDK5jDKOaaMdHnmjnudyS2Gwc24gmy0v89V7DxVtwI2J6ngoiib tba7tFF781N4nG6ZykkdlwWKmWL9aRuVUKHO8eDMDXM/6J1F/9o19jl01t1mLkEW WtRQ9FZWRwLGaYNsAXzFeY0gE4r++fObDFzdFhzW4AVZKD/r6+fymUZW+EyiqXMG U+A5XN2JUTvY9I6I3tg+S0XMkeYXpB3dY1/PNLZqnn2b7iTyVvOw7Qzx/aZJDQ67 ncHKa0KqVBTxcLKKHio= -----END CERTIFICATE----- subject=/OU=Domain Control Validated/OU=CoreSSL DV/CN=jsdo.it issuer=/C=JP/ST=OSAKA/L=OSAKA/O=SecureCore/CN=SecureCore RSA DV CA --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 4849 bytes and written 431 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: F845E24AC90690083A71335B2D94C232856E3EAE6F4E91760A0C4C2CB1883D38 Session-ID-ctx: Master-Key: 595026916EBDEBC5BBF6B7183A7E4EEB6AE3BA89E8BFC6C0AC5EEDB2D5CEF40D4E090A1E3BC891A7F8B55C462D57B80B Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 8c 00 59 76 78 48 2e 2e-73 b9 38 37 f2 53 12 1e ..YvxH..s.87.S.. 0010 - 16 55 59 ef fe 67 88 19-62 56 d5 b6 5d b4 82 fd .UY..g..bV..]... 0020 - ac 74 fa 0a 31 b3 74 37-3d 49 45 3a 98 d3 73 26 .t..1.t7=IE:..s& 0030 - 45 ae b9 1e ae ef 5d a2-23 30 f4 c6 59 b5 7f 87 E.....].#0..Y... 0040 - ec e3 da a1 96 6a c9 ef-7c a6 cc 9b 64 61 08 64 .....j..|...da.d 0050 - 75 03 e7 14 74 f2 5d 3b-e8 d5 54 92 84 22 b8 8b u...t.];..T..".. 0060 - 4e 60 21 0d de 5d 61 ae-c8 9e 92 14 46 3b 64 8d N`!..]a.....F;d. 0070 - 1f 8d 25 a4 22 3e 85 bd-a3 cd 2c 27 9d 30 c0 09 ..%.">....,'.0.. 0080 - 9a 5b 9f 3a df c4 6c fe-ea ae 74 16 f6 41 22 60 .[.:..l...t..A"` 0090 - 5d 92 95 ca 09 c7 d1 6e-f0 1c 03 4d 35 c5 13 cf ]......n...M5... Start Time: 1555538503 Timeout : 300 (sec) Verify return code: 10 (certificate has expired) --- DONE
$ echo|openssl s_client -connect jsdo.it:443 2>/dev/null | openssl x509 -noout -text -in /dev/stdin Certificate: Data: Version: 3 (0x2) Serial Number: 10:a4:c3:24:1d:fe:22:58:28:ff:95:a9:3f:d4:ef:37 Signature Algorithm: sha256WithRSAEncryption Issuer: C=JP, ST=OSAKA, L=OSAKA, O=SecureCore, CN=SecureCore RSA DV CA Validity Not Before: Feb 26 00:00:00 2018 GMT Not After : Apr 1 23:59:59 2019 GMT Subject: OU=Domain Control Validated, OU=CoreSSL DV, CN=jsdo.it Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:bb:0f:10:c0:b3:58:28:78:e6:86:71:a0:29:24: b2:d4:ed:ec:f0:25:76:ee:4a:08:ff:3a:78:43:91: a6:b1:c2:39:e5:5b:3b:6a:0b:6e:eb:b6:35:ec:eb: a3:b2:eb:c3:cb:60:78:60:54:48:00:5f:01:e7:4f: b8:52:d0:25:b6:0b:b6:3c:9e:0b:dd:a8:38:0a:4a: 12:41:27:5e:cd:02:5a:b8:d9:c1:7f:58:66:97:08: 4d:e0:38:28:7d:06:38:25:89:c9:c2:67:01:65:5a: 50:34:c6:b8:7f:f2:5a:b0:4c:c7:59:a2:d0:13:62: 96:47:36:ce:29:91:d2:31:60:2a:82:65:0a:20:a6: a6:cf:53:c2:dc:6c:75:fb:ef:37:3e:41:36:7b:96: 01:70:a7:05:cf:3c:24:99:69:10:61:ff:28:a0:74: bf:e1:28:a6:bc:4b:9d:8a:b6:87:96:d3:df:e9:7d: d1:92:84:48:3c:23:6b:aa:3c:7a:62:0a:e8:63:e7: 82:31:41:fa:6a:23:84:6e:90:fb:83:a0:87:75:ba: 43:8a:81:40:51:36:cb:1b:a7:ce:4f:f1:be:47:28: 68:5a:de:77:fc:25:53:8a:86:06:44:14:50:15:2a: 9f:b0:4f:a9:ad:27:be:62:24:5f:bb:f2:bd:b5:86: ee:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:87:B2:E6:D0:DF:DF:0C:E3:2D:97:D2:24:08:A9:50:8F:27:0B:90:69 X509v3 Subject Key Identifier: B9:0D:A3:CD:78:C3:F4:0A:AE:D5:D7:3C:67:03:D3:E4:03:1F:6D:9D X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.6449.1.2.2.50 CPS: https://cps.securecore-ca.com Policy: 2.23.140.1.2.1 X509v3 CRL Distribution Points: Full Name: URI:http://crl.securecore-ca.com/SecureCoreRSADVCA.crl Authority Information Access: CA Issuers - URI:http://crt.securecore-ca.com/SecureCoreRSADVCA.crt OCSP - URI:http://ocsp.securecore-ca.com X509v3 Subject Alternative Name: DNS:jsdo.it, DNS:www.jsdo.it Signature Algorithm: sha256WithRSAEncryption 17:5a:5a:a8:c9:60:a9:db:ab:b4:3e:ba:e1:2e:05:e7:ce:f2: ee:5c:44:be:58:ee:cc:97:a6:68:31:2a:e0:46:40:18:42:46: 04:90:f8:9d:e3:4a:9a:c4:cf:b0:59:83:22:72:b8:c2:0d:69: 12:e4:4d:63:99:4a:30:ca:e6:30:ca:39:a6:8c:74:79:e6:8e: 7b:9d:c9:2d:86:c1:cd:b8:82:6c:b4:bf:cf:55:ec:3c:55:b7: 02:36:27:a9:e0:a2:28:9b:b5:b6:bb:b4:51:7b:f3:53:78:9c: 6e:99:ca:49:1d:97:05:8a:99:62:fd:69:1b:95:50:a1:ce:f1: e0:cc:0d:73:3f:e8:9d:45:ff:da:35:f6:39:74:d6:dd:66:2e: 41:16:5a:d4:50:f4:56:56:47:02:c6:69:83:6c:01:7c:c5:79: 8d:20:13:8a:fe:f9:f3:9b:0c:5c:dd:16:1c:d6:e0:05:59:28: 3f:eb:eb:e7:f2:99:46:56:f8:4c:a2:a9:73:06:53:e0:39:5c: dd:89:51:3b:d8:f4:8e:88:de:d8:3e:4b:45:cc:91:e6:17:a4: 1d:dd:63:5f:cf:34:b6:6a:9e:7d:9b:ee:24:f2:56:f3:b0:ed: 0c:f1:fd:a6:49:0d:0e:bb:9d:c1:ca:6b:42:aa:54:14:f1:70: b2:8a:1e:2aLet's Encrypt 使えばいいのに、と思うが、
ひょっとしてメンテというか、既にサービス自体がきちんと運用されてないのだろうか?
2019-04-19: 追記
相変わらずサーバー証明書は expired のままなんだけど、ブラウザのアドレス欄に jsdo.it と入れると http://jsdo.it/ に繋がった。
ところが、ID 連携で認証通すと https://jsdo.it/ にリダイレクトされて、サーバー証明書エラーに引っかかる。
連携先の ID で logout しても駄目。
jsdo.it 側の cookie を削除すると、再び http://jsdo.it/ に入ることが出来た。
とりあえず、「お問い合わせ」で示されているメアドにご注進入をれてみたけど、
公式 blog の最終更新が July 16, 2016 8:35 AM とかいう状況。
タグ
コメントをかく