Links browser with secure connections: is this error normal?
Recently I have:
- compiled OpenSSL 1.1.0f and installed it in a user folder; - compiled Links 2.14 with SSL support and also installed in a user folder. Detailed comments about these two steps are given in another thread: "How to use OpenSSL installed in a different dir to compile Links?", which still has a question about SSL v2 and v3. After compiling Links, the first page I visited was hotmail.com, which is redirected to another domain in a secure connection. But Links asked me: == Invalid certificate The server mail.live.com doesn't have a valid certificate. Do you want to connect to it anyway? [No] [Yes] == After sometime, I tried other secure pages that work normally in other browsers. They also do not work with my Links: duckduckgo.com mail.yahoo.com https://LQ.org/questions/login.php For all of them, Links said their certificate is invalid, same question. Is this normal? Is it because I compiled from source? Is it because SSL v2 and v3 are not working, as I showed/asked in the other thread? |
I just went to https://duckduckgo.com and https://LQ.org/questions/login.php in links with no errors. This was the default links that comes with Slackware.
|
Thank you for the test, frankbell. I suppose that hotmail.com would also load with no error for you. I cannot understand why the certificates are considered invalid in my computer.
Links is not installed in a machine I use. And I have no root access to it. I compiled and installed Links there just for me. And, before that, compiling and installing OpenSSL was needed. |
What distro is on the machine you were using links on?
|
Quote:
There are several machines I can run the Links I built. They are Ubuntu 14.04.5 LTS and 16.04.2 LTS. Right now, I have tested in both kinds of machines, the behaviour is exactly the same. |
Quote:
Quote:
Quote:
*Should you want to pursue the alternative anyway (YMMVM) then first run some diags: see if you can spot a difference when doing 'true | /path/to/your/custom/openssl s_client -connect mail.live.com:443;' vs 'true | /usr/bin/openssl s_client -connect mail.live.com:443;'. If there is then ensure your (SSL) development libraries match the versions on each system and ensure the compile time configuration for finding /etc/pki (or wherever SSL asserts its certificate structure is located at) matches each system. (There's prolly SSL-related configuration files or environment variables to do so but that may or may not work and will most likely bite you when you decide more applications dependant on SSL.) |
Quote:
Quote:
As said in the first post of this thread, and in the other thread about OpenSSL+Links in different dirs, Links' configure script said that SSL v2 and V3 were not enabled. Until now, no-one commented that detail in both threads. I would choose to enable them, but I have not seen the reason for them being disabled. There is no option specifically to SSL v2 or v3 in Links' configure script. Quote:
Quote:
|
Quote:
|
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
Quote:
|
All times are GMT -5. The time now is 03:04 AM. |