[arch-releng] ipxe.lkrn BIOS TLS issue
Santiago Torres-Arias
santiago at archlinux.org
Wed Oct 2 14:53:30 UTC 2019
On Wed, Oct 02, 2019 at 02:21:22AM +0000, Anindya Mukherjee wrote:
> I can load the .ipxe script from Firefox and display the certificate details:
>
> Serial: 04:45:82:E5:7F:72:A5:7A:C1:D5:E9:ED:8C:57:3C:1E:BB:B0
> SHA-256: AD:8D:28:BE:3D:A1:40:FB:08:AB:4C:1F:1E:B5:8E:B0:3E:4F:4A:52:23:69:AB:85:41:2D:60:A7:C2:80:25:80
> SHA1 25:95:32:0A:21:2E:CA:EA:43:AB:3F:1D:89:BF:9A:F7:D9:9E:59:F7
>
> Does that help? The certificate can be viewed by loading https://www.archlinux.org/releng/netboot/archlinux.ipxe in Firefox (for example) and clicking the green padlock.
Hmmm,
I wanted to get the certificate chain so I could see if the rootcerts on
the ipxe image trust that. I think this is an issue with us just
shipping one of the two LE certificates on the ipxe image.
Would you kindly share your image/anything else you have so I can debug
this? I may have some free time after work today...
Cheers!
-Santiago/Sangy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-releng/attachments/20191002/44bc96e5/attachment.sig>
More information about the arch-releng
mailing list