Re: [WWW]Certificate errors for forums
On 09/11/2013 Ricardo Berlasso wrote: 2013/11/9 janI On 9 November 2013 00:47, Ricardo Berlasso wrote: Some people get certificate errors on the forums https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462 This error should not be random but comes every time a page that contains src= or href= http://xyz is loaded. The error is a serious warning, that the page you are loading contains unsecure content (http://). This is the part I have warned about earlier (and dave f. has taken care of for www). The databases of forum and wiki should be updated (any vm admin can do that), so that all relevant (ref inside forum/wiki) src=http://xyzand href= http://xyz are changed to src=//xyz and href=//xyz. Thanks, Jan, now the problem is clear for me. Maybe Imacat can do this DB update. Coming back to this in light of the recent wiki discussion http://markmail.org/message/22jtkldai7opey2f : for sure Jan is right in saying that the embedded content (not actually all href link, but the meaning is clear) should be served via HTTPS. But I see this as a secondary problem: the root cause is probably at an earlier stage. If we take as example the link Ricardo posted https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462 all requests needed to render the page are done in HTTPS, I've just checked. So the issue is, again, with the certificate we serve to the client, and I've managed to get the usual erratic behavior (on one system I get the *.apache.org certificate and the mismatch warning, on another system I get the *.openoffice.org certificate and no warning). Again, to make it repeatable from a machine others have access to, pescetti@ooo-wiki2-vm:~$ wget https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462; ERROR: certificate common name `*.apache.org' doesn't match requested host name `forum.openoffice.org'. I've opened https://issues.apache.org/jira/browse/INFRA-7131 to track the problem. Regards, Andrea. - To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org For additional commands, e-mail: dev-h...@openoffice.apache.org
Re: [WWW]Certificate errors for forums
On 26 December 2013 14:06, Andrea Pescetti pesce...@apache.org wrote: On 09/11/2013 Ricardo Berlasso wrote: 2013/11/9 janI On 9 November 2013 00:47, Ricardo Berlasso wrote: Some people get certificate errors on the forums https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462 This error should not be random but comes every time a page that contains src= or href= http://xyz is loaded. The error is a serious warning, that the page you are loading contains unsecure content (http://). This is the part I have warned about earlier (and dave f. has taken care of for www). The databases of forum and wiki should be updated (any vm admin can do that), so that all relevant (ref inside forum/wiki) src=http://xyzand href= http://xyz are changed to src=//xyz and href=//xyz. Thanks, Jan, now the problem is clear for me. Maybe Imacat can do this DB update. Coming back to this in light of the recent wiki discussion http://markmail.org/message/22jtkldai7opey2f : for sure Jan is right in saying that the embedded content (not actually all href link, but the meaning is clear) should be served via HTTPS. But I see this as a secondary problem: the root cause is probably at an earlier stage. If we take as example the link Ricardo posted https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462 all requests needed to render the page are done in HTTPS, I've just checked. So the issue is, again, with the certificate we serve to the client, and I've managed to get the usual erratic behavior (on one system I get the *. apache.org certificate and the mismatch warning, on another system I get the *.openoffice.org certificate and no warning). Again, to make it repeatable from a machine others have access to, pescetti@ooo-wiki2-vm:~$ wget https://forum.openoffice.org/ en/forum/viewtopic.php?f=50t=65462 ERROR: certificate common name `*.apache.org' doesn't match requested host name `forum.openoffice.org'. I've opened https://issues.apache.org/jira/browse/INFRA-7131 to track the problem. there is a problem, no doubt about it, but the strange thing is that if use your test on minotaur (people), then it works. I am not a certificate specialist (medthomas is the real specialist), but to me it looks as cached certificates (or root path). on ooo-wiki2, I am convinced it is a caching problem, where the wrong certificate is stored. Once medthomas comes back after vacation I will have a talk with him. rgds jan I. Regards, Andrea. - To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org For additional commands, e-mail: dev-h...@openoffice.apache.org
Re: [WWW]Certificate errors for forums
On 9 November 2013 00:47, Ricardo Berlasso rgb.m...@gmail.com wrote: Some people get certificate errors on the forums https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462 I can see this too every now and then, but not on the browser: reading the ES forum rss feeds Akregator sometimes shows, apparently at random times, a certificate error. Your Security certificate is giving errors just thought you should know. The Error I am getting is Mixmatched Address: The security certificate presented by this website was issued for a different website's address. This error should not be random but comes every time a page that contains src= or href= http://xyz is loaded. The error is a serious warning, that the page you are loading contains unsecure content (http://). This is the part I have warned about earlier (and dave f. has taken care of for www). The databases of forum and wiki should be updated (any vm admin can do that), so that all relevant (ref inside forum/wiki) src=http://xyzand href= http://xyz are changed to src=//xyz and href=//xyz. rgds jan I. Regards, Ricardo
Re: [WWW]Certificate errors for forums
2013/11/9 janI j...@apache.org On 9 November 2013 00:47, Ricardo Berlasso rgb.m...@gmail.com wrote: Some people get certificate errors on the forums https://forum.openoffice.org/en/forum/viewtopic.php?f=50t=65462 I can see this too every now and then, but not on the browser: reading the ES forum rss feeds Akregator sometimes shows, apparently at random times, a certificate error. Your Security certificate is giving errors just thought you should know. The Error I am getting is Mixmatched Address: The security certificate presented by this website was issued for a different website's address. This error should not be random but comes every time a page that contains src= or href= http://xyz is loaded. The error is a serious warning, that the page you are loading contains unsecure content (http://). This is the part I have warned about earlier (and dave f. has taken care of for www). The databases of forum and wiki should be updated (any vm admin can do that), so that all relevant (ref inside forum/wiki) src=http://xyzand href= http://xyz are changed to src=//xyz and href=//xyz. Thanks, Jan, now the problem is clear for me. Maybe Imacat can do this DB update. Regards, Ricardo rgds jan I. Regards, Ricardo