brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Downer <rich...@apache.org>
Subject Re: Website security issues
Date Wed, 26 Nov 2014 15:00:53 GMT
Svet, all,

Infra have now reported that the problem has been fixed:
https://issues.apache.org/jira/browse/INFRA-8718

Could you confirm?
Please let me know if there are any more SSL certificate failures on
https://brooklyn.incubator.apache.org

Richard.


On 25 November 2014 at 16:22, Richard Downer <richard@apache.org> wrote:
> I have raised a ticket for this:
> https://issues.apache.org/jira/browse/INFRA-8718
>
> Richard.
>
>
> On 25 November 2014 at 15:51, Svetoslav Neykov
> <svetoslav.neykov@cloudsoftcorp.com> wrote:
>> I get the problem with the latest Internet Explorer (11), Firefox (33), Chrome (39)
on Windows.
>> Thanks for taking care of this.
>>
>> Svet.
>>
>> -----Original Message-----
>> From: Richard Downer [mailto:richard@apache.org]
>> Sent: Tuesday, November 25, 2014 5:14 PM
>> To: Brooklyn dev
>> Subject: Re: Website security issues
>>
>> Hi Svet,
>>
>> I'd heard this mentioned by one or two other people recently too. I'll submit a trouble
ticket to infra.
>>
>> For the record, what browser(s)/OS(es) and versions are you using where you have
seen this?
>>
>> Thanks
>> Richard.
>>
>>
>> On 25 November 2014 at 15:10, Svetoslav Neykov <svetoslav.neykov@cloudsoftcorp.com>
wrote:
>>> Hi,
>>>
>>> I am having security issues using brooklyn.incubator.apache.org over https.
>>> I get untrusted connection warnings. I have to explicitly accept the
>>> untrusted certificate so I can use the site.
>>>
>>>
>>>
>>> The problem is that the certificate's Common Name (CN) is *.apache.org
>>> which apparently doesn't include second level subdomains. Initially
>>> only some of the pages would display the warning page, while others
>>> would work. Turns out the pages in my cache had *.incubator.apache.org
>>> certificate and those would work without issues, while if I tried to
>>> navigate to a new (cold) page I would get the warning.
>>>
>>>
>>>
>>> Svet.
>>>
>>

Mime
View raw message