Re: [Faudiostream-users] Testing wget https://faustservice.inria.fr

[Felix Holzmüller]

HARICA (Hellenic Academic & Research Institutions Certification 
Authority) is afaik since January the new certificate service provider 
for GÉANT, therefore for the majority of European universities and 
research institutes. The issue seems to be rather an oversight of the 
universite côte d'azur and red hat than an issue with the INRIA services.

Regards,
Felix
On 09.04.2025 23:29, michel buffa wrote:
Apparently it's because Hellenic Academic and Research Institutions, 
who delivered this certificate, is a provider not recognized by 
universite côte d'azur (me) and redhat (oleg)... Inria did not choose 
a "super standard well recognized" authority... at least not 
recognized by everyone....

Le mer. 9 avr. 2025 à 23:21, yoann.le.bor...@gmail.com 
<yoann.le.bor...@gmail.com> a écrit :

    Hi!

    Maybe, for those who fail the wget test, a better output may be
    obtained using use curl in verbose mode as it would display the
    certificate used as well as other informations like protocol used
    for handshake:

    Here it is for me:
    curl -v https://faustservice.inria.fr
    *   Trying 194.199.24.67:443...
    * Connected to faustservice.inria.fr
    <http://faustservice.inria.fr> (194.199.24.67) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    *  CAfile: /etc/ssl/certs/ca-certificates.crt
    *  CApath: /etc/ssl/certs
    * TLSv1.0 (OUT), TLS header, Certificate Status (22):
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS header, Certificate Status (22):
    * TLSv1.3 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS header, Finished (20):
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * TLSv1.3 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * TLSv1.3 (IN), TLS handshake, CERT verify (15):
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * TLSv1.3 (IN), TLS handshake, Finished (20):
    * TLSv1.2 (OUT), TLS header, Finished (20):
    * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (OUT), TLS header, Supplemental data (23):
    * TLSv1.3 (OUT), TLS handshake, Finished (20):
    * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
    * ALPN, server accepted to use http/1.1
    * Server certificate:
    *  subject: C=FR; ST=�le-de-France; L=Le Chesnay-Rocquencourt;
    O=INRIA; CN=faustservice.inria.fr <http://faustservice.inria.fr>
    *  start date: Feb 17 13:29:33 2025 GMT
    *  expire date: Feb 17 13:29:33 2026 GMT
    *  subjectAltName: host "faustservice.inria.fr
    <http://faustservice.inria.fr>" matched cert's
    "faustservice.inria.fr <http://faustservice.inria.fr>"
    *  issuer: C=GR; O=Hellenic Academic and Research Institutions CA;
    CN=HARICA OV TLS RSA
    *  SSL certificate verify ok.
    * TLSv1.2 (OUT), TLS header, Supplemental data (23):
    > GET / HTTP/1.1
    > Host: faustservice.inria.fr <http://faustservice.inria.fr>
    > User-Agent: curl/7.81.0
    > Accept: */*
    >
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
    * old SSL session ID is stale, removing
    * TLSv1.2 (IN), TLS header, Supplemental data (23):
    * Mark bundle as not supporting multiuse
    < HTTP/1.1 200 OK
    < Date: Wed, 09 Apr 2025 21:07:59 GMT
    < Server: Apache
    < Strict-Transport-Security: max-age=31536000; includeSubDomains;
    preload
    < Content-Length: 393
    < Access-Control-Allow-Methods: GET, POST, OPTIONS
    < Access-Control-Allow-Origin: *
    < Content-Type: text/html
    < X-Content-Type-Options: nosniff
    < X-Frame-Options: DENY
    < Content-Security-Policy: default-src 'self'; script-src 'self';
    style-src 'self'; img-src 'self'; frame-ancestors 'none';
    form-action 'self';
    < Vary: Accept-Encoding
    <
    <html><body>
                           Upload a Faust file, please.<br>
                           There are 0 clients uploading at the
    moment.<br>
                           <form action="/filepost" method="post"
    enctype="multipart/form-data">
                           <input name="file" type="file">
                           <input type="submit" value=" Send "></form>
    * Connection #0 to host faustservice.inria.fr
    <http://faustservice.inria.fr> left intact
                           </body></html>%

    Regards,
    Yoann

    Le 09/04/2025 à 13:14, yann orlarey a écrit :

    Hi everyone,

    As Stéphane mentioned on Discord, we are moving away from Google
    Cloud and switching to *INRIA* for hosting the Faust remote
    compilation service.


    The new URL is: https://faustservice.inria.fr

    While the service works well in a browser, some users have
    reported errors when accessing it from the command line.

    We’d like to understand how widespread the issue is. If you could
    run the following command on your system and report whether it
    works or fails, it would be greatly appreciated:

    |wget https://faustservice.inria.fr |

    Thanks a lot!


    Yann



    _______________________________________________
    Faudiostream-users mailing list
    Faudiostream-users@lists.sourceforge.net
    https://lists.sourceforge.net/lists/listinfo/faudiostream-users
    _______________________________________________
    Faudiostream-users mailing list
    Faudiostream-users@lists.sourceforge.net
    https://lists.sourceforge.net/lists/listinfo/faudiostream-users



_______________________________________________
Faudiostream-users mailing list
Faudiostream-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/faudiostream-users_______________________________________________
Faudiostream-users mailing list
Faudiostream-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/faudiostream-users