Bug 3083 - lists.maemo.org has an invalid security certificate
: lists.maemo.org has an invalid security certificate
Status: RESOLVED FIXED
Product: maemo.org Website
General
: unspecified
: All Linux
: High normal (vote)
: ---
Assigned To: Niels Breet
: general@maemo.org
: https://lists.maemo.org
:
:
:
  Show dependency tree
 
Reported: 2008-04-12 14:11 UTC by Tony Green
Modified: 2008-04-30 12:49 UTC (History)
1 user (show)

See Also:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description Tony Green (reporter) 2008-04-12 14:11:42 UTC
STEPS TO REPRODUCE THE PROBLEM:
Navigate to http://maemo.org/community/mailing-lists.html using Firefox 3 Beta
Click on an of the links under "Subscribing via Web"
EXPECTED OUTCOME:
Should see the page allowing me to subscribe
ACTUAL OUTCOME:
Firefox reports:
Cannot Complete Request

lists.maemo.org uses an invalid security certificate.

The certificate is only valid for maemo.org.

(Error code: ssl_error_bad_cert_domain)

REPRODUCIBILITY:
Always

EXTRA SOFTWARE INSTALLED:
N/A
OTHER COMMENTS:
Although I can (and have) subscribe via email, this means that I cannot change
any of my subscription options, as I can't get to the relevant page.

User-Agent:       Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-GB; rv:1.9b5)
Gecko/2008032619 Firefox/3.0b5
Comment 1 Andrew Flegg maemo.org 2008-04-20 12:13:48 UTC
Not just lists.maemo.org, the following all give certificate errors:

https://garage.maemo.org/ - expired 18/04/2008
https://planet.maemo.org/ - certificate for "maemo.org" sent
https://lists.maemo.org/  - certificate for "maemo.org" sent

The first is a real problem and needs addressing urgently (hence, raising
priority of this bug); the last two are just a bit shoddy. If the canonical
names for these services are those listed, they should have their own
certificates. Alternatively, the redirects should be handled at a lower level.
Comment 2 Graham Cobb maemo.org 2008-04-21 11:28:53 UTC
Please fix the expired certificate for garage urgently as my daily builds of
GPE, Opensync, etc are broken by this!
Comment 3 Niels Breet maemo.org 2008-04-21 14:04:27 UTC
The ssl certificate has been updated. Everything should be OK now.
Comment 4 Tony Green (reporter) 2008-04-21 15:48:22 UTC
Despite this bug being marked as fixed, the problem is still persisting. I have
cleared my browser cache and even tried a different browser to confirm I'm not
holding on to something invalid at my end.
Comment 5 Niels Breet maemo.org 2008-04-21 18:44:26 UTC
(In reply to comment #4)
> Despite this bug being marked as fixed, the problem is still persisting. I have
> cleared my browser cache and even tried a different browser to confirm I'm not
> holding on to something invalid at my end.
> 

Sorry, was a bit quick here. It was fixed for garage.maemo.org

I think list.maemo.org is not intended to be run on https. You at least can use 
it via http://lists.maemo.org/mailman//listinfo/maemo-developers for example.

I'll try to find out what action to take here, get a certificate or change the
links to http://

Planet.maemo.org is only a redirect domain, https should not be available at
all.
Comment 6 Niels Breet maemo.org 2008-04-23 13:02:24 UTC
lists.maemo.org now has a valid ssl certificate, does it look better now?
Comment 7 Tony Green (reporter) 2008-04-23 13:09:07 UTC
Yes, I can access it now. Thanks.
At last I can edit my preferences and slow down the flow of messages by getting
the digest :-)
Comment 8 Niels Breet maemo.org 2008-04-30 10:45:14 UTC
The garage and lists certificates are fixed now. Planet.m.o should not be
available per https, we don't have a need for that. (as it is just a redirect)

I have disabled the planet.m.o vhost, but the ip of is the same as maemo.org.
So you still get a page there. The solution is to move planet.m.o to a
different ip. This will not happen at the moment.

I'm closing this bug as the most critical parts have been solved.
Comment 9 Tony Green (reporter) 2008-04-30 12:49:43 UTC
I can confirm that lists and Garage are now accessible.
Thanks.