Folding Forum

Hello, There seems to be a problem with the SSL certificate for the fah-web stanford edu website. Firefox, wget and curl all throw Certificate Errors:

If this H T T P S server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the U R L).

while it's easy enough to pass the 'ignore' cert flags to wget, curl, Firefox doesn't offer this option when visiting the Folding At Home homepage, the Download link fails to appear; it is also insecure, as theidea of an SSL certificate is to certify the site as being secure and who they say they are... Ignoring Cert Errors defeats the purpose of forcing SSL to begin with. Google Chrome ironically seems to be fine with the Certificate, but one can not ignore the obvious problem with Firefox, wget, curl and other browsers. Someone should correct the certificate error.

Welcome to the folding support forum jnbek!

I'm not sure why you're having this problem but I can say that I do not have any certificate problems using Firefox 14.0.1.

As you can see in the certificate it doesn't expire until jun/2013.

I'm not sure what's going on, but, there is a definite problem with the cert...

I often see this on Chrome, as well as on the Dolphin browser. There have been other reports on this before.

It's possible that I did get that message some time ago and clicked on "I Understand the Risks" and added the certificate.

As Jesse_V stated similar issues have been seen before:

viewtopic.php?f=27&t=21382&p=215078&hilit=certificate#p215078

I am aware that I can "Understand the Risks" but again, that seems to defeat the purpose of having an SSL Certificate and forcing an https connection in the first place. I am unsure about why Firefox, cURL, wget all freak out while Google Chrome on Linux and, well Microsoft + Security (.*) is an oxymoron in itself, so I'm not surprised Windows users aren't experiencing the issue, however, Certificate problems, such as these will just serve to scare away prospective Folders who would otherwise download and contribute to this fine program. Either way, my purpose was to inform the webmaster of the fah-web site of the issue so it can be resolved correctly. I would like to create a package for Arch Linux AUR, and makepkg uses either curl or wget, and while I could inform Arch users to add the 'ignore cert' flag to their pacman conf files, this would simply incite mockery, and disdain for the package, and consequently the F@H program itself, the currently available AUR package is an outdated 6.X series executable, and since the newest version is 7.1.52 from fah-web.... Anyways... I hope the webmaster can be provided the information about the certificate chain being incorrect, so it can be resolved to everyone's satisfaction.

If your intentions are to repackage the F@H client then you should know that that would not allowed in Stanford's EULA.

no no, i have no intention of repackaging anything, the 'package' system i refer to, downloads the software from the source, and installs it for the user, as the package is provided, I wouldn't dare take chances with repackaing the client, it's look likely I'd screw something up

The folding project does know that there's a project with Stanford's certificate on that server and they plan to do something about it but I can't promise when. (... and I suspect the I/S department owns the certificate, not the FAH project.) I know I've checked "I understand the risks" and to save this certificate since I'm on a new computer and I had to (re-)authorize it quite recently.

OK bruce, thank you