13
submitted 9 months ago* (last edited 9 months ago) by kixik@lemmy.ml to c/fediverse@lemmy.ml

https://disroot.org provides several decentralized federated services, as email and xmpp, besides other cloud services as well... But not sure if asking here is right or not, but don't know anywhere to ask either...

Is it having a license issue, does anyone know about it? Any status updates?

Websites prove their identity via certificates. LibreWolf does not trust this site because it uses a certificate that is not valid for disroot.org. The certificate is only valid for p1lg502277.dc01.its.hpecorp.net.
 
Error code: SSL_ERROR_BAD_CERT_DOMAIN

But also:

disroot.org has a security policy called HTTP Strict Transport Security (HSTS), which means that LibreWolf can only connect to it securely. You can’t add an exception to visit this site.

The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem.

I also tested with ungoogled chromium and pretty similar thing...

Anyonea aware, and also about disroot saying on this?

Edit (sort of understood already, no issue with disroot at all): The issue only shows up under the office VPN. It seems like disroot is not recognizing the office's cert...

Edit: Solved. Yes it's the office replacing the original cert with its own, as someone suggested. Thanks to all.

you are viewing a single comment's thread
view the rest of the comments
[-] delirious_owl@discuss.online 6 points 9 months ago

Sounds like your network is doing something evil. Try it in TAILS.

[-] lemmyvore@feddit.nl 4 points 9 months ago

Their company is attempting to hijack TLS connections to eavesdrop on their browsing.

It only works with websites that also offer a non-TLS version (which the hijacker uses to fetch content and then re-encrypts with their own certificate after they've snooped). But it doesn't work if the website doesn't have a non-TLS version and/or specifies it should only be used with TLS.

Another way for it to work is for the company to get their own certificates on the machine, which is very easy if it's a work-issued machine. But I'm guessing OP is not using a work machine.

[-] kixik@lemmy.ml 2 points 9 months ago

Yeap, got it. Thanks a lot !

this post was submitted on 27 Feb 2024
13 points (78.3% liked)

Fediverse

17776 readers
51 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS