Package: www.debian.org Severity: normal User: [email protected] Usertags: cgi.debian.org
Alexander Delanoe reported (in https://lists.debian.org/debian-www/2017/01/msg00080.html )that submit CD vendors using the form in the website fails for certain HTTPS URL. The script fails with: The following entries were submitted: Submission-Type: new Vendor: Test vendor URL: https://france.debian.net The specified web site (https://france.debian.net) cannot be accessed. The error message returned was: 500 Can't connect to france.debian.net:443 (certificate verify failed) If you don't understand this error message, please contact us. Entry not submitted! Paul Wise pointed me to https://wiki.debian.org/ServicesSSL which explains that the machines administered by DSA have a custom setup for SSL verification, and shows a workaround for scripts using Perl. I'm submitting also a patch for the submit_cdvendor.pl I've mad a small script (attached) to test the relevant code, and it seems to work as intended. I'm not sure how to handle this bug. My understanding: * Wait some days for other people to review, and then commit the patch into git.debian.org/git/debwww/cgi.git * After that, add the following tags: User: [email protected] Usertags: needed-by-DSA-Team ssl And forward to DSA for deployment, I guess, but how? Creating an RT ticket and pointing to this bug? or are the usertags enough? * When the website is fixed, I'll edit https://wiki.debian.org/ServicesSSL to add the script in the "users" section. Please correct me if there is a better way. Thanks -- Laura Arjona Reina https://wiki.debian.org/LauraArjona
