Invalid expiration date of Sage's self-signed certificate
64 views
Skip to first unread message
Kwankyu
Nov 29, 2012, 8:54:50 PM11/29/12
to sage-s...@googlegroups.com
Hi all,
I noticed there is a problem with the Sage's self-signed certificate for my own server. See the validity date. Why is it 2004? Thanks for an answer in advance. My system is Sage 5.4.1 on Ubuntu Server.
X.509 Certificate Information:
Version: 3
Serial Number (hex): 1f36ede1
Validity:
Not Before: Fri Nov 30 01:43:29 UTC 2012
Not After: Thu Mar 11 19:15:13 UTC 2004
...
Kwankyu
Nov 29, 2012, 9:22:06 PM11/29/12
to sage-s...@googlegroups.com
In the meantime, I investigated this issue a bit more. The root of the problem is the too large value of expiration_days ="10000" in ".sage/notebook/cert.cfg", which is automatically generated in the notebook.setup() command. I tried to change the value like 8999. Then the generated certificate has valid expiration date like 2037, but the cert.cfg file is overwritten by notebook.setup()....
Dima Pasechnik
Nov 29, 2012, 10:53:31 PM11/29/12
to sage-s...@googlegroups.com, sage-n...@googlegroups.com
On 2012-11-30, Kwankyu <ekwa...@gmail.com> wrote:
> ------=_Part_809_10674594.1354242126940
> Content-Type: text/plain; charset=ISO-8859-1
as far as I know, expiration_days is set in
sagenb/notebook/run_notebook.py
I cc this to sage-notebook; hopefully this is trivial to fix in their
upstream.
Dima
> ------=_Part_809_10674594.1354242126940
> Content-Type: text/plain; charset=ISO-8859-1
sagenb/notebook/run_notebook.py
I cc this to sage-notebook; hopefully this is trivial to fix in their
upstream.
Dima
Kwankyu
Nov 29, 2012, 11:25:45 PM11/29/12
to sage-s...@googlegroups.com, sage-n...@googlegroups.com
Thanks Dima.
There is also a related issue. The Sage notebook generates 512 bits rsa private key by default, at least on my system. This key is considered weak by the latest Chrome, and it does not accept the certificate containing the weak key. Using 1024 bits rsa key, I succeeded to make Chrom to accept the self-signed certificate.
Kwankyu
Dima Pasechnik
Nov 30, 2012, 1:40:15 AM11/30/12
to sage-s...@googlegroups.com, sage-n...@googlegroups.com
Dima Pasechnik
Nov 30, 2012, 9:02:59 AM11/30/12
to sage-s...@googlegroups.com, sage-n...@googlegroups.com
["Followup-To:" header set to gmane.comp.mathematics.sage.notebook.]
On 2012-11-30, Dima Pasechnik <dim...@gmail.com> wrote:
> ------=_Part_464_11607180.1354257615111
> Content-Type: text/plain; charset=ISO-8859-1
what is your system? As you can see from the lines 417-433 of
https://github.com/sagemath/sagenb/edit/master/sagenb/notebook/run_notebook.py
it depends upon the OS how the cert is generated.
Dima
On 2012-11-30, Dima Pasechnik <dim...@gmail.com> wrote:
> ------=_Part_464_11607180.1354257615111
> Content-Type: text/plain; charset=ISO-8859-1
https://github.com/sagemath/sagenb/edit/master/sagenb/notebook/run_notebook.py
it depends upon the OS how the cert is generated.
Dima
Kwankyu
Nov 30, 2012, 7:04:31 PM11/30/12
to sage-s...@googlegroups.com, sage-n...@googlegroups.com
It is Ubuntu server.
Kwankyu
Reply all
Reply to author
Forward
0 new messages