Remix.run Logo
jmclnx 16 hours ago

This is what I get:

    Testing via IPv4:
    SHA1 Fingerprint=A3:27:99:AA:0A:21:D8:11:B1:86:6E:CC:3A:12:CA:EC:2E:ED:F6:DA
    SHA256 Fingerprint=0B:77:CB:2F:80:87:98:6B:A8:C3:75:E7:4B:BF:04:4E:C5:5A:CD:00:7A:78:E9:FD:32:2A:72:24:4D:B1:79:EF
    notBefore=Jul 17 03:19:04 2026 GMT
    notAfter=Oct 15 03:19:03 2026 GMT

    Testing via IPv6:
But the distro I am using is still on openssl v2, patched with recent updates
Bender 12 hours ago | parent | next [-]

The dates should be the same if we are looking at the same cert regardless of openssl version. Your output does not contain IP addresses. I suspect mjmas may be correct in that someone or something is performing a man in the middle attack.

Do you have a security proxy or a corporate VPN? Some corporate IT setups will route people through a stack of security devices that may or may not decrypt your traffic. In the past there have also be anti-virus applications that have acted as a man in the middle proxy.

Or worst case there could be malware on your machine. Either way you should figure that out before putting anything sensitive on that machine or logging into anything sensitive. Make a physical note of all the sites you have logged into and find a clean secure machine to change all the passwords starting with your email provider(s) as attackers can prevent password changes if your email access is locked out. If this is a corporate laptop call your security operations center.

The certificate transparency site keeps timing out for me but maybe it will eventually respond for you or your team. [1]

[1] - https://crt.sh/?q=www.texasattorneygeneral.gov

harshreality 7 hours ago | parent | prev [-]

try adding -issuer after -dates

the real one is issuer=C=US, O=Google Trust Services, CN=WE1

I hope you meant 1.0.2 or 3.2. There was never an openssl v2 release, so if that's what it's reporting, you have problems.

The program (unitary gigantic bash script) testssl.sh (github) can give you a thorough rundown on the ssl properties of whatever's MITMing you. The other possibility is that cloudflare is unusually serving you an alternate certificate and your ancient openssl and browser are both unable to handle whatever the presented cert algos/extensions are.