AmiSSL status?

Hi guys,

As we all know, our old AmiSSL died on the rocks of the
various SSL bugs revealed over the last year.

This has killed any HTTPS:// browsing in IBrowse, secure
mail access in YAM and more.

From time to time I hear sporadic rumors that someone
might still be working on AmiSSL and that we might see
an update.

There's a sourceforge page on AmiSSL:

http://sourceforge.net/projects/amissl/

But it doesn't look like any files there have been
updated in 2-1/2 years.

Anyone know of something concrete happening? Is there
a light at the end of this tunnel?

Thanks,

PJS

@pjs

Quote:

That is certainly not true. The latest SVN commits were just 17 hours ago.

There hasn't been a new public binary release in a while but that doesn't mean that the project is dead.

@salass00

Thanks... Good to hear something might be happening
behind the curtain.

I hope we see something soon. My email box is filling
up and I'm missing IBrowse. ;)

PJS

I'm also looking for a more recent OpenSSL or AmiSSL. The existing ones don't support the certificate authority I'm using: GoDaddy. I've tried adding this manually to the certificate store with no success.
I need this to get the OWB browser working as a Webmail client, and am willing to pay someone for an update that works.

@logicalheart

There anvironment variable to set to ignore SSL errors that should solve certificate errors.

WEBKIT_IGNORE_SSL_ERRORS: If set (content doesn't matter) SSL errors, for example if certificate can't be authenticated, are ignored.

I think Odyssey has a similar setting in it's GUI.

@broadblues

Does SVN have a option like that?

@LiveForIt

SVN shouldn't need an option like that, it will ask you if you want ignore the error

I can't make any non-read-only checkout from current sf.net using the AmigaOS port of svn. Most likely a newer svn is needed for it to work as the current AmigaOS port is really old.

Hi guys,

So it's nearing two months since the last post on this
thread as well as since the last time there was a commit
shown on the AmiSSL sf page.

...and now it looks like we can't even use something as
simple as wikipedia with native Amiga browsers without the
the use of an updated AmiSSL.

Did AmiSSL get forgotten?

:/

Thanks,

PJS

@broadblues
Quote:

I don't think that's true if you are using the default settings. I was unable to perform SVN commits at SourceForge for almost 6 months last year. It wasn't until abalaban sent me the settings to let SVN ignore SSL errors that I was able to start commiting code again.

Besides, ignoring SSL errors is a workaround; not a solution.

@pjs

Define "native Amiga browsers".

@Chris

Easy: IBrowse, Aweb, Voyager, Lynx etc.

@Severin

Well, only one of those has had an update in the last ten years, none of them support CSS, so I think SSL not working is the least of their worries.

Update to a newer browser which uses OpenSSL, or ask Andy nicely if AWeb can be modified to use OpenSSL instead of AmiSSL.

(and Lynx? Really?)

@pjs

Why not ask Jens Maus (damato) directly?
He is one of the maintainers of AmiSSL

@Chris

You point to the lack of modern browser "features" like it
isn't a good thing.

:P

;)

It's rather amazing to me how often a lightning fast
browser that just gives me the content outshines the ad
delivery spy bots modern browsers have become.

Aside from the loss of the native browsers (less Lynx -
isn't that a loonix port?), we've also lost SSL
connections with YAM. You're good with that too?

Thanks,

PJS

@pjs Quote:
I'm probably being thick here, but Wikipedia works fine for me (Odyssey). Does that use something different to AmiSSL?

@pjs

SSL in YAM is working fine for me. At least, I think I'm using SSL, maybe I switched it off for some reason (not at home to check).

I usually use NetSurf, which displays the content correctly with CSS, but doesn't display any ads because it doesn't support any of the features they need.

@ChrisH

Yes, OpenSSL. Hence my earlier question, "define native Amiga browsers".

@Chris

Perhaps the SMTP server is configured in a way which allows YAM to operate with a secure connection.

A strange issue that I`ve noticed the other day : I tried to send a mail with YAM but it failed to do so, popping up a "failed TLSv1/SSLv3 initiation process to node smtp.mail.yahoo.com" message.

I have a yahoo account (as mentioned above), YAM 2.9p1 (18/04/2014) and nothing changed to system or settings, since the last successful try on 20/6/2015.

Any ideas?