Check TLS certificates with DNS entries on new website
For MERLIN, there exist three DNS entries that all point to the new k8s cluster:
All should work with valid certificats.
Activity
changed milestone to %Post-EOL website
egon@euriiegn:~$ openssl s_client -connect aks-03.commul.eurac.edu:443 -servername merlin-platform.eu -brief depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=20:unable to get local issuer certificate depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate verify error:num=21:unable to verify the first certificate CONNECTION ESTABLISHED Protocol version: TLSv1.3 Ciphersuite: TLS_AES_256_GCM_SHA384 Peer certificate: O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate Hash used: SHA256 Signature type: RSA-PSS Verification error: unable to verify the first certificate Server Temp Key: X25519, 253 bitsegon@euriiegn:~$ openssl s_client -connect aks-03.commul.eurac.edu:443 -servername www.merlin-platform.eu -brief CONNECTION ESTABLISHED Protocol version: TLSv1.3 Ciphersuite: TLS_AES_256_GCM_SHA384 Peer certificate: CN = www.merlin-platform.eu Hash used: SHA256 Signature type: RSA-PSS Verification: OK Server Temp Key: X25519, 253 bitsegon@euriiegn:~$ openssl s_client -connect aks-03.commul.eurac.edu:443 -servername www-dev.merlin-platform.eu -brief CONNECTION ESTABLISHED Protocol version: TLSv1.3 Ciphersuite: TLS_AES_256_GCM_SHA384 Peer certificate: CN = www-dev.merlin-platform.eu Hash used: SHA256 Signature type: RSA-PSS Verification: OK Server Temp Key: X25519, 253 bitsmarked the checklist item https://www.merlin-platform.eu as completed
marked the checklist item https://www-dev.merlin-platform.eu as completed
https://merlin-platform.eu comes back with a
Kubernetes Ingress Controller Fake Certificate@Paolo.Brasolinmarked the checklist item https://merlin-platform.eu as completed
Please register or sign in to reply