CashFusion server fusion.tokamak.cash:8788 SSL/TLS cert expired

Question

CashFusion server fusion.tokamak.cash:8788 SSL/TLS cert expired

gasull opened this issue 2 years ago · 1 comments

The certificate has expired.

$ openssl s_client -connect fusion.tokamak.cash:8788
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = fusion.tokamak.cash
verify error:num=10:certificate has expired
notAfter=Mar  2 13:02:49 2023 GMT
verify return:1
depth=0 CN = fusion.tokamak.cash
notAfter=Mar  2 13:02:49 2023 GMT
verify return:1
---
Certificate chain
 0 s:CN = fusion.tokamak.cash
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISA5D3GfwQHghoxJs26FRYeMIvMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjEyMDIxMzAyNTBaFw0yMzAzMDIxMzAyNDlaMB4xHDAaBgNVBAMT
E2Z1c2lvbi50b2thbWFrLmNhc2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0v/GQMEhZXvBbJMk+4BzP5hnb15bxKAyyS161PDA1K2T+W8twes5iolTM
nbMabtjWrui83YokDOMTUsXIOnSD9yzAXDCex2cwxENxU+Fy/izDhLF+RyGDv5nv
8/ZZpZNVf5Ab8wTjL0+ZN79oxaeuu+LSPLJzQ6aUNKzXcuevr6vL8rydH0iaRSFQ
4khtnjh3m1Igj3FjbGdzZr64JKpS3D5DaYvxgWDDlSz9QNv+Rp4bzUjJ9BMLgXNF
njF0NS/S3i70pJJlystMKfUapBpkRGPqUVAT31qCBfwoC212y2nbziRNuzQvZOgP
sFMjSSMYOWh/G7P/r/o2kUb/cQfLAgMBAAGjggJQMIICTDAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFF5n+VgEMZUPjEUB39TexGqx8ed6MB8GA1UdIwQYMBaAFBQusxe3
WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0
cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j
ci5vcmcvMB4GA1UdEQQXMBWCE2Z1c2lvbi50b2thbWFrLmNhc2gwTAYDVR0gBEUw
QzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDov
L2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEGBgorBgEEAdZ5AgQCBIH3BIH0APIAdwC3
Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYTTJacHAAAEAwBIMEYC
IQDX1m2Ips2zIFBDIzDb+WeoNiLwoS2WBSzEcHYMZrIjCAIhAOvVX5Iz/SiAqMnw
2TcypFfx5amepa8lMthAqgZKDQvKAHcArfe++nz/EMiLnT2cHj4YarRnKV3PsQwk
yoWGNOvcgooAAAGE0yWnNAAABAMASDBGAiEAohs6Q37EhIwlBXC+cpxabbjowhDn
zlT5yfENzxZWpgoCIQDls7D4Em3R4Q5WvwS+U1fGIDco+0IFPVXBGkGFdcZkTjAN
BgkqhkiG9w0BAQsFAAOCAQEAXVNLQSeNay/bD5E37jZDlMYSWzcROXKUXuTwsEJP
WlsCKwrL8qd70zqld2MV34ym8lOp488CNaYBnUBivlctUJobiYm2hYMsaz/idADR
1+cBFgBCeydk8DG1MFD5g4eUwawEfCqOk4BxQ6AEqZ7jp0H/D4/g0iPxCr6ra6w+
6y8zowwmqrZ2ePDJUQASmvY9kSpZV2knFjHxtATumBuvvD1OrxjsqIAeqXS5eHnv
0DkTIQzxoSBbymRB5Iu/O5d6F/E5ogz6xheWCpI+LqJ3bPly4woNUGP1EpaUT/jQ
bbC1cJQxZXox2YDCkm5MIf93e6/QKNw9MbrEl0ildWCIFg==
-----END CERTIFICATE-----
subject=CN = fusion.tokamak.cash

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4582 bytes and written 391 bytes
Verification error: certificate has expired
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 10 (certificate has expired)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: B851DEA04DF321EBAEBBDC0B5F887218D59BF569FB8FCBB57D76CFD7B03CDD22
    Session-ID-ctx: 
    Resumption PSK: 324B5C5F8545571CB90B07EEB66A6A71EBE8960A10AD3D42FE1CE8E6BA6A557221A3EC8FAB4968AF66E6CCB2DBDD4670
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 3600 (seconds)
    TLS session ticket:
    0000 - f4 7e fa cf 36 eb 57 78-48 75 45 39 c4 ea aa 95   .~..6.WxHuE9....
    0010 - 08 16 b1 ce 0f da 41 07-fb ec e5 1f ea f1 36 c2   ......A.......6.

    Start Time: 1677928426
    Timeout   : 7200 (sec)
    Verify return code: 10 (certificate has expired)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 98AAB52C072F7D3949A0C33489DFDF931112E05F34E240731EAD97360CBEEA87
    Session-ID-ctx: 
    Resumption PSK: 08637A177FC0C513490A85BF095494BED3EC10CC6D12DD04ACBC392537B754433C7E56339F364286970D10B7A1E04548
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 3600 (seconds)
    TLS session ticket:
    0000 - 29 22 0f 7d 94 08 e8 47-0b 40 04 5a 29 49 c4 b2   )".}...G.@.Z)I..
    0010 - 78 12 1d 1c 04 59 e9 ba-c8 5c 17 b1 a0 19 5f 71   x....Y...\...._q

    Start Time: 1677928426
    Timeout   : 7200 (sec)
    Verify return code: 10 (certificate has expired)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
closed

Answer 1 · 2023-03-28T06:02:35.000Z

It looks like it is working again.