Universal Recovery Script

hesuchia

Member
The past couple days I've had an error message after every adventure

IOException during data post (https://zachbardon.com/mafiatools/autoupdate.php?f=recoveryScript_map_v2&act=getver): java.security.cert.CertificateException: No subject alternative DNS name matching zachbardon.com found..

Someone on the ascension speed discord told me it looks like the certificate is valid for www.zachbardon.com and not zachbardon.com. Not sure who's maintaining the script right now, but they advised I make you guys aware of it or it could be a problem down the line.
 

MCroft

Developer
Someone on the ascension speed discord told me it looks like the certificate is valid for www.zachbardon.com and not zachbardon.com. Not sure who's maintaining the script right now, but they advised I make you guys aware of it or it could be a problem down the line.
That was me.

Bash:
mcroft-MBP:~ mcroft$ curl -v https://zachbardon.com/mafiatools/autoupdate.php?f=recoveryScript_map_v2&act=getver
[1] 90046
mcroft-MBP:~ mcroft$ *   Trying 209.50.56.173...
* TCP_NODELAY set
* Connected to zachbardon.com (209.50.56.173) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=www.zachbardon.com
*  start date: Feb 23 12:57:55 2021 GMT
*  expire date: May 24 12:57:55 2021 GMT
*  subjectAltName does not match zachbardon.com
* SSL: no alternative certificate subject name matches target host name 'zachbardon.com'

Looks like a new cert Feb 23, but no wildcard match or AltName for zachbardon.com.
 

fronobulax

Developer
should be fixed, per zarquon. My test passes. Someone can try the script.
I think I have commit access but I'm not certain just what needs to be fixed. I thought adding www was a workaround that is no longer needed not that the certificate at zarqon's site has been configured properly.
 

MCroft

Developer
Shouldn't need anything changed in the script, just someone to validate that it works again without the error.

My test was a command-line curl check of the cert, so it's circumstantial evidence, but running the script and not failing is better proof.
 
Top