maemo.org Bugzilla – Bug 10951
SSL certificate for bugs.maemo.org expired
Last modified: 2010-07-27 12:44:08 UTC
You need to log in before you can comment on or make changes to this bug.
SOFTWARE VERSION: Any browser. EXACT STEPS LEADING TO PROBLEM: (Explain in detail what you do (e.g. tap on OK) and what you see (e.g. message Connection Failed appears)) 1. Go to https://bugs.maemo.org/ (or even just http as you'll get redirected) 2. Browser will warn you that the SSL certificate expired on 17th July 2010. 3. There is no step no. 3. EXPECTED OUTCOME: See bugs.maemo.org ACTUAL OUTCOME: Warned that certificate has expired. REPRODUCIBILITY: (always, less than 1/10, 5/10, 9/10) Always EXTRA SOFTWARE INSTALLED: N/A OTHER COMMENTS: Firefox 3.6 complains with: bugs.maemo.org uses an invalid security certificate. The certificate expired on 17/07/10 09:59. (Error code: sec_error_expired_certificate) User-Agent: Mozilla/5.0 (compatible; Konqueror/4.4; Linux; X11; en_AU) KHTML/4.4.92 (like Gecko) Kubuntu
Confirmed. Cert expires today for bugs.maemo.org.
Hopefully this will be fixed quicker than the 7 months it took to fix the similar problem with stage.maemo.org (Bug 5551). I am disappointed with these certificate expiries - someone should be on top of this issue. Certificate expiries are bad enough, but I just hope noone forgets to renew the maemo.org domain as that would be even worse.
hey, at least i didn't have to file this bug today! (i was about to, searched and was pleasantly surprised to see someone else already had.)
Firefox actually prevents access to bugs.maemo.org now - the user has to register an exception in order to continue, which is frankly appalling and an inexperienced user may not proceed thinking the site has been hacked or some such. I used to maintain a secure web site for a major investment bank (one of many they had) and Verisign would notify the certificate admin by automated email several weeks prior to each certificate renewal date in order to avoid this kind of outage. We used a distribution list for the certificate admin email address to allow for vacations etc. Obtaining a new certificate then took less than 24 hours, and the new certificates were valid from about 6 weeks prior to the expiry date of the old certificates allowing plenty of time for the updated certificates to be applied. Given that most certificate providers follow similar practice there really is little excuse for these repeated occurrences of expired certificates.
/mode spam on if the porblem is the money...Free ssl certificates for 1 years https://www.startssl.com/ /mode spam off
maemo.org is a Nokia sponsored website and I assume "sponsored" means at least everything regarding the infrastructure. Like certificates. Please let me know if I'm wrong.
There's nothing that the *maemo.org team* currently can do here. Nokia is aware of this problem since Monday, 19th. They are working on it and I ping from time to time as fixing should not take that long but obviously does (don't ask me why)...
FYI, the certificates on lists.maemo.org and wiki.maemo.org are also expired (I assume the same people are responsible for updating all .maemo.org certificates).
For https://wiki.maemo.org and https://bugs.maemo.org it's fixed now. For https://lists.maemo.org it isn't yet.
Nokia (and also Niels) are aware that lists.* is still needed. As this report is about bugs.maemo.org, closing as FIXED.