Hi Antonio, Am Sonntag, den 20.01.2019, 12:33 +0100 schrieb Antonio: > Let's encrypt certificates are now set up. > > These are "chain certificates" for both netbeans-vm.apache.org and > bits.netbeans.org. Firefox doesn't like it, but Chrome doesn't mind. >
thank you for your work! Its great to see progress here. I don't understand the above comment though. The certificate is an SNA certificate, that in addition to the name netbeans-vm.apache.org is also valid for bits.netbeans.org. This is from my perspective a totally normal certificate. And the SSL Test from Qualys agrees: https://www.ssllabs.com/ssltest/analyze.html?d=bits.netbeans.org My firefox is also happy with the certificate itself, however, it is not happy, that the favicon is referenced as plain http. This leads to the site being marked with an exclamation mark for mixed content. <html> <head> <META http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859- 1"> <title>Apache NetBeans (incubating) API List</title> <link rel="stylesheet" href="netbeans.css" type="text/css"> <link REL="icon" href="http://www.netbeans.org/favicon.ico" type="image/ico"> <link REL="shortcut icon" href="http://www.netbeans.org/favicon.ico"> Not sure, which of the two is used, but both should be fixed. The overview frame implicitly causes a protocol mix: Load: https://bits.netbeans.org/10.0/javadoc/overview-frame.html Firefox tries to load the favicon from the root of the site: https://bits.netbeans.org/favicon.ico that redirects to (notice the http protocol) http://137.254.56.27/ While looking for more http/https mixes, I notices this in the overview frame (only one of the two can be true) https://bits.netbeans.org/10.0/javadoc/overview-frame.html: <META http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859- 1"> Greetings Matthias