Thank you, Felix, for this information! I have a naive question: could the problem be solved simply by updating the list of trusted CAs on the computer where the error occurs?
Yann Le jeu. 10 avr. 2025 à 09:53, Felix Holzmüller <holzmuel...@iem.at> a écrit : > HARICA (Hellenic Academic & Research Institutions Certification Authority) > is afaik since January the new certificate service provider for GÉANT, > therefore for the majority of European universities and research > institutes. The issue seems to be rather an oversight of the universite > côte d'azur and red hat than an issue with the INRIA services. > > Regards, > Felix > On 09.04.2025 23:29, michel buffa wrote: > > Apparently it's because Hellenic Academic and Research Institutions, who > delivered this certificate, is a provider not recognized by universite côte > d'azur (me) and redhat (oleg)... Inria did not choose a "super standard > well recognized" authority... at least not recognized by everyone.... > > Le mer. 9 avr. 2025 à 23:21, yoann.le.bor...@gmail.com < > yoann.le.bor...@gmail.com> a écrit : > >> Hi! >> >> Maybe, for those who fail the wget test, a better output may be obtained >> using use curl in verbose mode as it would display the certificate used as >> well as other informations like protocol used for handshake: >> >> Here it is for me: >> curl -v https://faustservice.inria.fr >> * Trying 194.199.24.67:443... >> * Connected to faustservice.inria.fr (194.199.24.67) port 443 (#0) >> * ALPN, offering h2 >> * ALPN, offering http/1.1 >> * CAfile: /etc/ssl/certs/ca-certificates.crt >> * CApath: /etc/ssl/certs >> * TLSv1.0 (OUT), TLS header, Certificate Status (22): >> * TLSv1.3 (OUT), TLS handshake, Client hello (1): >> * TLSv1.2 (IN), TLS header, Certificate Status (22): >> * TLSv1.3 (IN), TLS handshake, Server hello (2): >> * TLSv1.2 (IN), TLS header, Finished (20): >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * TLSv1.3 (IN), TLS handshake, Certificate (11): >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * TLSv1.3 (IN), TLS handshake, CERT verify (15): >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * TLSv1.3 (IN), TLS handshake, Finished (20): >> * TLSv1.2 (OUT), TLS header, Finished (20): >> * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): >> * TLSv1.2 (OUT), TLS header, Supplemental data (23): >> * TLSv1.3 (OUT), TLS handshake, Finished (20): >> * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 >> * ALPN, server accepted to use http/1.1 >> * Server certificate: >> * subject: C=FR; ST=�le-de-France; L=Le Chesnay-Rocquencourt; O=INRIA; >> CN=faustservice.inria.fr >> * start date: Feb 17 13:29:33 2025 GMT >> * expire date: Feb 17 13:29:33 2026 GMT >> * subjectAltName: host "faustservice.inria.fr" matched cert's " >> faustservice.inria.fr" >> * issuer: C=GR; O=Hellenic Academic and Research Institutions CA; >> CN=HARICA OV TLS RSA >> * SSL certificate verify ok. >> * TLSv1.2 (OUT), TLS header, Supplemental data (23): >> > GET / HTTP/1.1 >> > Host: faustservice.inria.fr >> > User-Agent: curl/7.81.0 >> > Accept: */* >> > >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): >> * old SSL session ID is stale, removing >> * TLSv1.2 (IN), TLS header, Supplemental data (23): >> * Mark bundle as not supporting multiuse >> < HTTP/1.1 200 OK >> < Date: Wed, 09 Apr 2025 21:07:59 GMT >> < Server: Apache >> < Strict-Transport-Security: max-age=31536000; includeSubDomains; preload >> < Content-Length: 393 >> < Access-Control-Allow-Methods: GET, POST, OPTIONS >> < Access-Control-Allow-Origin: * >> < Content-Type: text/html >> < X-Content-Type-Options: nosniff >> < X-Frame-Options: DENY >> < Content-Security-Policy: default-src 'self'; script-src 'self'; >> style-src 'self'; img-src 'self'; frame-ancestors 'none'; form-action >> 'self'; >> < Vary: Accept-Encoding >> < >> <html><body> >> Upload a Faust file, please.<br> >> There are 0 clients uploading at the moment.<br> >> <form action="/filepost" method="post" >> enctype="multipart/form-data"> >> <input name="file" type="file"> >> <input type="submit" value=" Send "></form> >> * Connection #0 to host faustservice.inria.fr left intact >> </body></html>% >> >> Regards, >> Yoann >> Le 09/04/2025 à 13:14, yann orlarey a écrit : >> >> Hi everyone, >> >> As Stéphane mentioned on Discord, we are moving away from Google Cloud >> and switching to *INRIA* for hosting the Faust remote compilation >> service. >> >> >> The new URL is: https://faustservice.inria.fr >> >> While the service works well in a browser, some users have reported >> errors when accessing it from the command line. >> >> We’d like to understand how widespread the issue is. If you could run the >> following command on your system and report whether it works or fails, it >> would be greatly appreciated: >> >> wget https://faustservice.inria.fr >> >> Thanks a lot! >> >> >> Yann >> >> >> _______________________________________________ >> Faudiostream-users mailing >> listFaudiostream-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/faudiostream-users >> >> _______________________________________________ >> Faudiostream-users mailing list >> Faudiostream-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/faudiostream-users >> > > > _______________________________________________ > Faudiostream-users mailing > listFaudiostream-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/faudiostream-users > > _______________________________________________ > Faudiostream-users mailing list > Faudiostream-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/faudiostream-users >
_______________________________________________ Faudiostream-users mailing list Faudiostream-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/faudiostream-users
