maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Maemo 5 / Fremantle (https://talk.maemo.org/forumdisplay.php?f=40)
-   -   Security certificates have expired. (https://talk.maemo.org/showthread.php?t=100396)

bradvesp 2018-07-15 23:20

Security certificates have expired.
 
Ug so many security certificates have expired. I keepbgetting a "No cypher overlap" error message when I use the maemo web browser. Opera's only a little better.

jonwil 2018-07-15 23:34

Re: Security certificates have expired.
 
Its got nothing to do with security certificates expiring. The problem is that many websites now require TLS 1.2 (because TLS 1.2 is a lot more secure than the older TLS 1.0 standard) and the Maemo web browser doesn't support TLS 1.2. I have been trying to find a way to get TLS 1.2 support into the Maemo browser but so far have not had any success with my plans.

Fellfrosch 2018-07-16 08:05

Re: Security certificates have expired.
 
My solution at the moment is webcat, which is also a nice browser. Anyway I think there is the need to bring the stock browser to an actual state of art.

Halftux 2018-07-16 09:11

Re: Security certificates have expired.
 
Quote:

Originally Posted by Fellfrosch (Post 1546284)
My solution at the moment is webcat,

So were I can get webcat for maemo5 then?

@jonwil you done a great job with the qt fixes. So could there be a possibility that there is a webbrowser on Qt basis which profit of your TLS patches. Like with my qt application, they working now with TLS 1.2. Thanks for that.
Or does QtWebKit not using the network modules from QT?
Or how about this QML browser is a recompilation with your latest cssu patches maybe the key to a right out of the box working browser?

Fellfrosch 2018-07-16 09:47

Re: Security certificates have expired.
 
Good question ;)
Stupid me has totally overseen, that it is a N900 thread.
SORRY!

p.s. Maybe you can at least find some comfort with the knowledge, that also the Sailfish stock browser is somewhat outdated ;P

Halftux 2018-07-16 09:48

Re: Security certificates have expired.
 
Btw the Dillo webbrowser in debian sid is compiled against openssl 1.1.
And it is already in the maemo repository. So including the latest debian patches and compiling against latest cssu openssl could be a solution for the tls 1.2 problem. It will not be useable for people who like to visit javascript sites.

Maybe it is worth a try.

jonwil 2018-07-17 10:45

Re: Security certificates have expired.
 
The best solution I suspect will be to somehow get the latest Debian QT 4.x version (with all the Debian local patches) working completly on Maemo Fremantle (which will require identifying all the maemo-local QT patches and forward porting them and also fixing anything that needs fixing due to the newer QT needing newer versions of libraries than Maemo Fremantle has. Then we need to find an existing QT4.x/webkit/whatever-based browser with the needed features that can run on Maemo and port it over (mostly there may need to be features like whatever it is that brings up the phone dialer when you click phone numbers in a web page).

I dont have the time right now to contribute to the effort but I would love a better browser on the N900 that can run TLS 1.2 web sites and all the other things that just wont run on the N900's ancient engine because they use more modern HTML/CSS/JS/etc features.

bradvesp 2019-08-13 12:31

Re: Security certificates have expired.
 
Bumping this thread up and onto The Active Topics.

sulu 2019-08-17 08:57

Re: Security certificates have expired.
 
Quote:

Originally Posted by jonwil (Post 1546281)
The problem is that many websites now require TLS 1.2 (because TLS 1.2 is a lot more secure than the older TLS 1.0 standard) and the Maemo web browser doesn't support TLS 1.2.

I just uploaded a netsurf 3.9 build for Easy Debian that should support up to TLS 1.3:

https://talk.maemo.org/showthread.ph...69#post1559169

bradvesp 2019-08-20 12:18

Re: Security certificates have expired.
 
I forgot there was a workaround to this problem; found it months ago. The following, or any well configured, proxy website will circumvent the errors:

https://proxy.toolur.com/


All times are GMT. The time now is 00:24.

vBulletin® Version 3.8.8