#1982: Website SSL certificate does not list madwifi.org domain name
------------------------------------------+---------------------------------
Reporter: [EMAIL PROTECTED] | Owner: mrenzmann
Type: task | Status: assigned
Priority: minor | Milestone:
Component: website | Version:
Resolution: | Keywords:
Patch_attached: 0 |
------------------------------------------+---------------------------------
Changes (by mrenzmann):
* keywords: hacked, svn =>
* status: new => assigned
* version: trunk =>
* type: defect => task
Old description:
> I attempted to do an svn checkout today from svn. madwifi .org, then
> received the following message: (note urls are hxxp)
>
> Error validating server certificate for 'hxxps://svn.madwifi.org:443':
> - The certificate is not issued by a trusted authority. Use the
> fingerprint to validate the certificate manually!
> Certificate information:
> - Hostname: rossum. h4ckr. net
> - Valid: from Feb 8 19:11:03 2008 GMT until Aug 6 19:11:03 2008 GMT
> - Issuer: hxxp ://www. cacert .org, Root CA
> - Fingerprint:
> 3f:e6:6b:10:cf:a8:8d:20:f5:69:85:7d:05:f4:79:6d:88:72:a4:4e
> (R)eject, accept (t)emporarily or accept (p)ermanently? R
New description:
I attempted to do an svn checkout today from svn. madwifi .org, then
received the following message:
{{{
Error validating server certificate for 'https://svn.madwifi.org:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
Certificate information:
- Hostname: rossum. h4ckr. net
- Valid: from Feb 8 19:11:03 2008 GMT until Aug 6 19:11:03 2008 GMT
- Issuer: http://www.cacert.org, Root CA
- Fingerprint:
3f:e6:6b:10:cf:a8:8d:20:f5:69:85:7d:05:f4:79:6d:88:72:a4:4e
(R)eject, accept (t)emporarily or accept (p)ermanently? R
}}}
Comment:
First of all: the server has not been hacked. As mentor already stated,
h4ckr.net is the "administrative" domain that our servers belong to. If
you check whois information for that domain, you will notice that it
belongs to me, Michael Renzman By the way: "Hacker" is used here in its
[http://www.catb.org/~esr/faqs/hacker-howto.html#what_is original], non-
criminal meaning.
Also, the SSL certificate is not wrong, it just does not list
"svn.madwifi.org" as its primary name for this server (but does so in the
"Certificate Subject Alt Names", which is not supported by all SSL-enabled
clients). There is no easy way to work around this issue: we have three IP
addresses for this server, and all three are already in use. svn and trac
are served from the same IP address; changing that would be possible, but
instead of solving the original issue it would just move it to a different
place.
However, we could provide further information about the meaning of
h4ckr.net and the SSL certificate issue, so that we have a place where we
point users to if necessary. I thus change the type of this ticket to
"task".
--
Ticket URL: <https://madwifi.org/ticket/1982#comment:2>
madwifi.org <http://madwifi.org/>
Multiband Atheros Driver for Wireless Fidelity
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Madwifi-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/madwifi-tickets
