Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SSL Errors

    Scheduled Pinned Locked Moved pfBlockerNG
    10 Posts 3 Posters 551 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by

      Anyone else seeing this?

      Screen Shot 2020-09-05 at 09.32.22.png

      Multiple feeds with the same error, it appears they all hosted on AWS.

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Noop.
        What is the URL used ?
        http - see the error - or https download ?

        This is a typical server side message. The admin of the feed should review its cert settings.
        You can't do anything, just wait it out.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • ?
          A Former User
          last edited by

          These:

          https://raw.githubusercontent.com/heradhis/indonesianadblockrules/master/subscriptions/abpindo.txt
          https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
          https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
          http://theantisocialengineer.com/AntiSocial_Blacklist_Community_V1.txt
          https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
          https://s3.amazonaws.com/lists.disconnect.me/simple_malware.txt

          From a shell just to confirm:

          curl https://raw.githubusercontent.com/heradhis/indonesianadblockrules/master/subscriptions/abpindo.txt
          curl: (60) SSL certificate problem: self signed certificate

          Not too concerned, all self signed certs. Maybe they (whoever maintains those feeds) get it together or they don't. We'll see.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by johnpoz

            You got something else going on - or they have been fixed in the last few minutes. But none of those links show self signed, and they have been valid for awhile

            example
            cert.png

            via curl
            curl.png

            You going through some proxy would be my guess. Trying to do mitm

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • ?
              A Former User
              last edited by A Former User

              Thank you John! I added some additional feeds last evening. I removed them and all is well. Not sure how that would have created a cert problem. Someone more knowledgable than I will immediately understand, I'm sure.

              Today is going to be hectic once the kids are up, but I will go back and isolate the problem feed and report back.

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz

                I don't see how adding a feed would have anything to do with other feeds.. You sure you were not trying to access via a proxy?

                Or were being redirected?

                Maybe trying to route your traffic thru some ultra secure -- all about your privacy vpn/proxy.. That was doing mitm on you ;) You know - for your privacy ;) heheheh

                Did you grab the info from the cert that was being listed as selfsigned? This can normally lead to a clue.. For example at work you can see that is a bluecoat created cert..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                ? 1 Reply Last reply Reply Quote 0
                • ?
                  A Former User @johnpoz
                  last edited by

                  @johnpoz No, I'm sure. Added a few feeds:

                  https://blocklist.cyberthreatcoalition.org/vetted/domain.txt
                  https://urlhaus.abuse.ch/downloads/text/
                  https://zerodot1.gitlab.io/CoinBlockerLists/list.txt

                  No proxy, no vpn, no tin foil hats.

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    Those feeds are showing good for you right? That first one is on a cloudflare cert.. etc..

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    ? 2 Replies Last reply Reply Quote 0
                    • ?
                      A Former User @johnpoz
                      last edited by

                      @johnpoz Yes, they did.

                      1 Reply Last reply Reply Quote 0
                      • ?
                        A Former User @johnpoz
                        last edited by

                        @johnpoz John, I have to go. Thanks again for your help. I'll check back later in the day.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.