I wasn't aware of this site/tool; this could have saved me a lot of pain some years ago. Huge thumbs up -- thanks for the tip, Joe! -- | Jeremy Chadwick jdc@koitsu.org | | UNIX Systems Administrator http://jdc.koitsu.org/ | | Making life hard for others since 1977. PGP 4BD6C0CB | On Sat, Jan 04, 2014 at 12:31:27PM -0800, Joe St Sauver wrote:
Hi,
Jeremy noted:
#Testing in a browser (Firefox) for https://juniper.net/ results in this: # #juniper.net uses an invalid security certificate. #The certificate is not trusted because no issuer chain was provided. #(Error code: sec_error_unknown_issuer)
There are issues with more than just the cert. A more extensive analysis can be seen at:
https://www.ssllabs.com/ssltest/analyze.html?d=juniper.net
[FWIW, the SSL Labs tester is a tool I've previously recommended to folks in the higher ed community, e.g., as part of "SSL/TLS Certificiates: Giving Your Use of Server Certificates a Hard Look," http://pages.uoregon.edu/joe/hardlook/hard-look.pdf and most recently in "Networking in These Crazy Days: Stay Calm, Get Secure, Get Involved," http://pages.uoregon.edu/joe/merit-networking/merit-networking.pdf at slide 104. If you haven't checked your own site and critical sites you rely on, it can be eye opening to do so.]
Regards,
Joe