2024-03-23, 06:40 PM
(2024-03-23, 06:13 PM)TheDreadPirate Wrote: Sorry to ask the obvious, but did you restart apache?
Yes, and I get to see them on https://www.ssllabs.com/ssltest/ as sent by the server.
Code:
1 Sent by server *.domain.tld
Fingerprint SHA256: 3cf4023913ae9df46cb0e3a21a3fa93635046f2ecb0a65200ca24d7558b3aaaf
Pin SHA256: EvvP2Ko2oL8jYeE9TCo8QruJXxgSy3FC6a2BPNVeqzI=
RSA 4096 bits (e 65537) / SHA256withRSA
2 Sent by server Sectigo RSA Domain Validation Secure Server CA
Fingerprint SHA256: 7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676
Pin SHA256: 4a6cPehI7OG6cuDZka5NDZ7FR8a60d3auda+sKfg4Ng=
RSA 2048 bits (e 65537) / SHA384withRSA
3 Sent by server USERTrust RSA Certification Authority
Fingerprint SHA256: 68b9c761219a5b1f0131784474665db61bbdb109e00f05ca9f74244ee5f5f52b
Pin SHA256: x4QzPSC810K5/cMjb05Qm4k3Bw5zBn4lTdO/nEW/Td4=
RSA 4096 bits (e 65537) / SHA384withRSA
4 In trust store AAA Certificate Services Self-signed
Fingerprint SHA256: d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef4
Pin SHA256: vRU+17BDT2iGsXvOi76E7TQMcTLXAqj0+jGPdW7L1vM=
RSA 2048 bits (e 65537) / SHA1withRSA
Weak or insecure signature, but no impact on root certificate(2024-03-23, 06:13 PM)TheDreadPirate Wrote: Are you able to check Android's cert store to verify that it trusts all certs in the chain?
Can you point me to a guide how to do that? On any Webbrowser, I see them as valid. Just found some programming pages on how to validate certs on android ...
As a side note, I just tested the findroid app from the very same phone, worked as expected and connected without trouble.