-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TLS Observatory does not recognize Let's Encrypt Certs #439
Comments
Can confirm! |
Maybe related to mozilla/http-observatory-website#291 |
Ya, here's some more info on the cause of this issue : mozilla/http-observatory-website#291 (comment) |
Just reproduced it today: https://observatory.mozilla.org/analyze/git.afpy.org#tls: while https://www.ssllabs.com/ssltest/analyze.html?d=git.afpy.org gives A+: |
@JulienPalard, is there a chance to update the trust stores? I think ISRG Root X1 should be there on its own right by now. |
FWIW - From a Mozilla CA Root Program perspective, as I understand it, we have been transitioning away from maintaining this TLS Observatory repository and focusing on this repository - https://github.com/mozilla/CCADB-Tools. We are also using the CCADB. |
@BenWilson-Mozilla Thanks for mentioning CCADB. Forgive me if I miss something, but it seems to me that CCADB is not going to replace tls-observatory. CCADB is not grading end certificates, but collecting root and intermediate certificates. |
I'll obviously welcome any work forward on this, but I'm not from Mozilla and I'm not a Go developer. So I would not be able to review, nor to merge your work. |
There was supposed to be a new version of Observatory on MDN now, that might have the dependency on TLS Observatory removed(?), but there's no news about the launch since the original post:
Maybe @gene1wood knows more, and probably even the location of the repo for the new MDN Observatory version to help introspect its dependence on |
@LeoMcA can speak to the HTTP Observatory launch on MDN and it's backing repo. |
@LeoMcA, it would help a lot to know the release date and the planned changes. |
New MDN Observatory 2.0 launched last month: https://developer.mozilla.org/en-US/blog/mdn-http-observatory-launch/ The source is hosted now under MDN: https://github.com/mdn/mdn-http-observatory There is no TLS scanning currently present, and no plans to include it as per the announcement post linked above. A sunset is planned for current Obs v1 in the coming months, with uncertainty about TLS Obs fate (whether that is also being included in the sunset plans, and a future removal is planned; or it's gonna be kept around in its current state, with no further maintenance to be expected…) |
The report for let's encrypt own website shows an error "This site uses an untrusted or invalid certificate"
Checked on the 10th of May 2023:
The text was updated successfully, but these errors were encountered: