Hi Gents,
Have given it a poke around and there seems to be a certificate issue on the Qobuz server. On the Naim solution we check the validity of certificates before trusting them (aka good security practice) and it’s failing.
I’ll chase this up with Qobuz engineering, but this might correct itself in the next 24hrs.
Regards
Steve
PS. openssl reports:
openssl s_client -connect www.qobuz.com:443 -prexit
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
Certificate chain
0 s:/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=.qobuz.com
i:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
1 s:/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=.qobuz.com
i:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
2 s:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
3 s:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
Server certificate
-----BEGIN CERTIFICATE-----
MIIGeDCCBWCgAwIBAgIRAI4/n0oy+CLRXLyJp3Bn4xswDQYJKoZIhvcNAQELBQAw
XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO
MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy
MB4XDTE5MTAwMTAwMDAwMFoXDTIxMTAyMzIzNTk1OVowXzEhMB8GA1UECxMYRG9t
YWluIENvbnRyb2wgVmFsaWRhdGVkMSQwIgYDVQQLExtHYW5kaSBTdGFuZGFyZCBX
aWxkY2FyZCBTU0wxFDASBgNVBAMMCyoucW9idXouY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAzo8Nz6iTsgVLxeD/91HB7lid5DgMT6P/nMPEUcik
Q01Wy6Qd43VrkPFVX2xLKH2ZThXb5UOrhmPKwaHeov/hdnfUq1KyOawXkxrEyyld
x1OjSxBIs6bLFDj64Oa+l7N0DBpFntt+BIxWlO+VNlLOZn5cVzNQj6Aw55qdpobY
dbQq3TMTBNYpyn6TlOs0n9tccTF7AGZgUP9WPWLvLuRJDahmZ2ckm78dT7laOxK2
/zNkg/ZYxIe/VwpE1TxTruvCyIBOsGZ+kJRrL2bwwJnPgwFut7tIcCKKKUyHoNzR
xyN9ACltpYv/WmNpcL8ucylTQN3avNVpWwBIFN3z6MEkGQIDAQABo4IDLTCCAykw
HwYDVR0jBBgwFoAUs5Cn2MmvTs1hPJ98rV1/Qf1pMOowHQYDVR0OBBYEFLL1FqLe
qZvJpVdL23niUe6gbnh1MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQB
sjEBAgIaMCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20w
CAYGZ4EMAQIBMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmwudXNlcnRydXN0
LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNybDBzBggrBgEFBQcBAQRnMGUwPAYI
KwYBBQUHMAKGMGh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJk
U1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNv
bTAhBgNVHREEGjAYggsqLnFvYnV6LmNvbYIJcW9idXouY29tMIIBgAYKKwYBBAHW
eQIEAgSCAXAEggFsAWoAdgD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk
4wAAAW2GqZh9AAAEAwBHMEUCIAIZBGTYzC1bsRpzTOuW3xpHyMDDgA+SOIhFKEtQ
Wef8AiEAkbaTKp0FBks7CUnFW8JbvCWrioixY1jSEYULK6fdjqAAdwBElGUusO7O
r8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAW2GqZieAAAEAwBIMEYCIQDUYkVz
+jRTUbg+J+8ow28eFn38aht3o5h6Pzx5MGketgIhALJ9IyNPp+2IKslcSY+DptsX
IxnMRhRR481dMLuAjIU0AHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT
0wwAAAFthqmYdQAABAMASDBGAiEAlBALA0h5JUh8a78l9kLBtkN4/SDz6S5te+Fm
okEIYM0CIQDa3JkOVh+UrWLeodNqEEbavHbXJ5Jih3uDEPyQl6XENzANBgkqhkiG
9w0BAQsFAAOCAQEAHYIvHGHmxzNrcywO1NFKtKv7Q1TOMNF3HXQahOZrq3E1S85T
aP118Ifmk2bGk7rVOFG1QMfnXdHm0hpOZCfNDsntcIqa8hLY71VlHmGkCvSYagY6
i3pxaT87fM47Qi/6RdF4fBDLtfDjtIJgQOQqBwEKsFne/K4Mn9LGhb0Ukdlcv0oC
w81NYz1/L85zChH5B/LObdXBe5hOenTfMbW9O3pHbIi1JVy5agEfz0HPdQ3FRCmZ
1ZVL0cav08g8tXMOHLBIyy16zOFQ4GiI4mY9njMvdqG7xLgi9Z3e7IEO2qcZWmOg
gMZOQAwGuZdWiqV0y/DGrrl9M2S/XZnreZdghw==
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.qobuz.com
issuer=/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
SSL handshake has read 6756 bytes and written 434 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: A6864A5B22B842211E71B260868258BA6C74FBE6740B3BABFD22C9218985A6F9
Session-ID-ctx:
Master-Key: 5D871AA1DF46620BA5776B2D03897F7ED9DB799DD074C416DF4546E8CB3EFCF14BEEE3E0C9B597134B6E16E14DE91030
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1590871170
Timeout : 300 (sec)
Verify return code: 10 (certificate has expired)