infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Juan Pablo Santos Rodríguez (JIRA) <j...@apache.org>
Subject [jira] [Created] (INFRA-12789) httpS://www.jspwiki.org showing content from https://www.openoffice.org
Date Thu, 20 Oct 2016 19:06:58 GMT
Juan Pablo Santos Rodríguez created INFRA-12789:
---------------------------------------------------

             Summary: httpS://www.jspwiki.org showing content from https://www.openoffice.org
                 Key: INFRA-12789
                 URL: https://issues.apache.org/jira/browse/INFRA-12789
             Project: Infrastructure
          Issue Type: Bug
          Components: Website
            Reporter: Juan Pablo Santos Rodríguez


As notified at infrastructure@apache.org this morning, https://www.jspwiki.org is showing
content from https://www.openoffice.org, whereas http://www.jspwiki.org is doing fine.

Excerpts from the ML:

"This is hitting a weird quirk with the vhost setup.

There is no defined https for www.jspwiki.org, and so is hitting the last defined https vhost
it can find (openoffice), as incubator and apache.org is not matching, but there was an https
request, and ends up setting it to the openoffice vhost.."
---
"It is only the https:// versions that fall foul of the vhost setup.

Is it not possible to fix this?

Or if it's not possible to fix the lack of an https host, then at
least the setup should be changed so that unmatched hosts result in an
error message of some kind."
---
"There indeed needs to be a default, but it won't fix the https issue of cert mis-match for
a dns entry pointing at the host with no ssl cert."
---
"No, but it would at least avoid the confusing situation we have at
present where the URL and website content don't agree.
This problem presumably applies to all vhosts for which there is not
yet an https site."
---
"Ideally of course all vhosts should support SSL then this problem
would not arise.

But until that day, obviously the cert mismatch cannot be avoided.

However I think it is possible to provide an error message to the user
if the vhost is not available via SSL.

Rather than default to an existing site with the wrong content, change
the default to a simple new site which explains that the vhost is not
available using SSL.
That would be a lot better than the current situation."
---
"File a jira, it will be added to the queue."



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message