Chrome 怎么私自给了我一张过期的证书,中间人攻击?

2024-05-02 21:20:47 +08:00
 MuskLee
还不提示风险?
有 M 遇到过的吗?

<pre>
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIRAI9AmywfQbGqEbaQnoikYKUwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjQwMTA5MDgxMjQ0WhcNMjQwNDA4
MDgxMjQzWjARMQ8wDQYDVQQDEwZ5ZXMuZG8wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5DSL5L1i8E97ZNjXYAJTLtlc5SOXiUFNAEY9Ujf8mntH13I+T
SvTYxjGOHGztBk5eHsxI/8JB1bKkRvBYb6EREWFTWFVJwpAziUcigwINeKvoFvGb
gurKYc3OSwz4znMiZcMW5DLYjAqOpjUFFji1mNEcdLQCs1I7XyeWW7vBvSgIY+Di
Ooh/8lXDNR7LmDYHEAJ3EGJq8yQMHNi1fYYTWXDPLF3PziZopouhR8XG2tIvXQdw
oP7/NIH1+TO5QDkq5l5L7bRuX0+/GQUedR0I64oQ3rs+hkfdvopEyVkv+IPSX7Js
hMOklOG3BTq3+eVpkQ/mUpGBaEdnCQNbkQwBAgMBAAGjggJ3MIICczAOBgNVHQ8B
Af8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQU6SopAkWyq92cttNUSPutrvYARbwwHwYDVR0jBBgwFoAU1fyeDd8eyt0I
l5duK8VfxSv17LgweAYIKwYBBQUHAQEEbDBqMDUGCCsGAQUFBzABhilodHRwOi8v
b2NzcC5wa2kuZ29vZy9zL2d0czFwNS9sNkxDenZjMDNkYzAxBggrBgEFBQcwAoYl
aHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzMXA1LmRlcjAbBgNVHREEFDAS
ggZ5ZXMuZG+CCCoueWVzLmRvMCEGA1UdIAQaMBgwCAYGZ4EMAQIBMAwGCisGAQQB
1nkCBQMwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybHMucGtpLmdvb2cvZ3Rz
MXA1LzU4S293N2w1QVBrLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AHb/
iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjO1+4XkAAAQDAEcwRQIg
cSFhLiILXZt1mbHfaWWrTgOoXdjpeScI5KrqMybS3bACIQDPC/d+NPqZogxpz8hT
WBtAhFeAa5WibAuPceoLra5ppAB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k
PTBI1/urAAABjO1+4YAAAAQDAEcwRQIgHpkxKJP9HPg+CCrY21qr/jWoX8XD7XfM
4tm7IYN+8XgCIQC8v4ae4aw5cZR9sqmrMtLhPLr3R5Yba/OZubahq9vo7jANBgkq
hkiG9w0BAQsFAAOCAQEAep79ngEVWoMQZvLJZ1dx1Ncf/cmWeFRGKM7I6ekTgz+C
uyOUoZWrE7Yfg0NSrRf+DAOCJ8yW3pl8viRUI6eWOKs09/D/wrDxbD4KiU+6AwfF
JVC0UV6jjsG+o8kyrVYSS+WplZA8rJrYYQsIAz8yQELHBWPMRnVV+k593ejcI2oZ
jiAXO6oRZWl1ec2JMt4WN391tM2COnLQx6JTpL/or5+sT6kLM9kUpCuZzNXSNXF+
OeQlvhTTuan1ITnHxp5hEtbVOD7rgZrR9uEzcjcAG0vLP3XpUNtCqoJhYh2z6861
kon99JvpEXvIsTA+SauQZRyx3TRI1jrzcDm2cgO8mg==
-----END CERTIFICATE-----

</pre>

图: https://yes.do/d/8
2213 次点击
所在节点    问与答
14 条回复
MuskLee
2024-05-02 21:21:59 +08:00
chrome 打开显示是 google 的证书
safari 打开则是我 acme.sh 的证书

好奇怪
MuskLee
2024-05-02 21:22:30 +08:00
有高手知道上面这张证书哪里来的吗?
MuskLee
2024-05-02 21:25:01 +08:00
https://imgur.com/bHM9yid

https://imgur.com/undefined
MuskLee
2024-05-02 21:25:25 +08:00
https://imgur.com/OILp9wH
yyzh
2024-05-02 21:25:39 +08:00
无法复现
MuskLee
2024-05-02 21:27:14 +08:00
@yyzh 我的 chrome 问题?清空缓存了,依然如此
MuskLee
2024-05-02 21:28:42 +08:00
<img src="https://imgur.com/OILp9wH"/>
IDAEngine
2024-05-02 22:10:42 +08:00
估计是网站 DNS 解析的问题,出现两个 IP 80.251.211.174 ,另一个 IP 172.67.173.199 ,两个 IP 用的的证书不一样,谷歌浏览器可能就是使用了内置的 DNS Over TLS ,当解析的 IP 是 172.67.173.199 时,使用的是 cloudflare 颁发的免费谷歌证书
yyzh
2024-05-02 22:13:24 +08:00
对.阿里 dns 解析出来的是 cf 的 ip
IDAEngine
2024-05-02 22:14:49 +08:00
打开 chrome://net-internals/#dns 点击 clear host cache 就可以解决 cloudflare 颁发的免费谷歌证书
MuskLee
2024-05-02 22:27:58 +08:00
@IDAEngine 👌牛
MuskLee
2024-05-02 22:28:33 +08:00
@IDAEngine 👌了
7VO54YYGvw3LOF9U
2024-05-03 01:05:12 +08:00
你知不知道域名太好看会导致你发出来就像在引流
MuskLee
2024-05-03 11:49:17 +08:00
@hugi 不否认,狗头

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/1037445

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX