[Debconf-team] Invalid HTTPS Cerfificate for Gallary
Hello DebConf team,
While reading the Debian Developer documentation, I noticed that the image
galleries page [1] has an invalid HTTPS certificate.
The link is to this page is posted on the Developers' Corner [2] of
the main site
and has the text: "You can also see the world map of Debian developers and
image galleries from various Debian events."
I also did a test on SSL labs [3] and the following issues were reported:
* This server's certificate is not trusted.
* This server supports anonymous (insecure) suites (see below for details).
* This server is vulnerable to the POODLE attack. If possible, disable SSL 3
to mitigate.
* This server supports weak Diffie-Hellman (DH) key exchange parameters.
* Certificate has a weak signature and expires after 2015. Upgrade to SHA2
to avoid browser warnings.
* This server accepts RC4 cipher, but only with older protocol versions.
* The server does not support Forward Secrecy with the reference browsers.
[1] https://gallery.debconf.org/
[2] https://www.debian.org/devel/
[3] https://www.ssllabs.com/ssltest/analyze.html?d=gallery.debconf.org&s=5.153.231.226
I hope this helps,
Andrew R
Reply to: