Closed
Bug 749273
Opened 12 years ago
Closed 12 years ago
Bad cert on wiki.mozilla.org?
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: clouserw, Assigned: bburton)
References
Details
+++ This bug was initially created as a clone of Bug #745967 +++ I can't reproduce this but it's the same tbpl problem we've been having. See https://forums.mozilla.org/addons/viewtopic.php?f=30&t=9683&p=20803
I can't reproduce this, directly (in my normal Firefox profile), either...however, some interesting results... DigiCert's Cert Tester says it's fine... https://www.digicert.com/help/?host=wiki.mozilla.org SSL Labs's Cert Tester says "Certificate not valid for domain name" pointing to tbpl.mozilla.org https://www.ssllabs.com/ssltest/analyze.html?d=wiki.mozilla.org&hideResults=on They both report the same IP, 63.245.217.86 for wiki.mozilla.org (& traceroute on the IP says: generic.zlb.phx.mozilla.net), so I don't know how they can get different results. In any case, this is confirmed by the SSL Labs results. (I don't know if I need to, but I don't think I have permission to edit/add to the URL field of this bug?...I would point it at the SSL Labs results, since it confirms the bug)
Assignee | ||
Comment 2•12 years ago
|
||
Unfortunately, this appears to be a lack of SNI support from various things. webops is looking into a permanent resolution
Assignee | ||
Updated•12 years ago
|
Assignee: server-ops → bburton
Status: NEW → ASSIGNED
Comment 3•12 years ago
|
||
(In reply to Wil Clouser [:clouserw] from comment #0) > +++ This bug was initially created as a clone of Bug #745967 +++ > > I can't reproduce this but it's the same tbpl problem we've been having. > See https://forums.mozilla.org/addons/viewtopic.php?f=30&t=9683&p=20803 Where have you been having this problem? (since you mention same tbpl problem..)
Assignee | ||
Comment 4•12 years ago
|
||
The problem referred to before was when we moved forums to PHX and had to add the two SAN to the forums.m.o certificate.
Comment 5•12 years ago
|
||
(In reply to Brandon Burton [:solarce] from comment #4) > The problem referred to before was when we moved forums to PHX and had to > add the two SAN to the forums.m.o certificate. Wasn't that an entirely unrelated issue though?
Assignee | ||
Comment 6•12 years ago
|
||
Unrelated in cause, but seeming related in that a user saw the same cert error, but once for forums.amo and once for wikimo
Upon looking for any certificate related info in my Firefox settings, I found this... Under Tools -> Options -> Advanced -> Encryption Tab, I noticed that "Use TLS 1.0" was not checked, only "Use SSL 3.0 was checked". So, based on info I received about SNI, I thought I would try also checking the box for "Use TLS 1.0", to see what would happen, and then I was able to access the site in question. Maybe someone else can try unchecking that box to see if it reproduces the problem. So, this problem appears to be fixed for me now, provided that is the proper default setting, yet I have no idea how it may have gotten changed. I do recall having a disastrous update to Firefox sometime prior to that, where all of my addons were lost and had to be reinstalled, but I don't know if that could be related. I had not tried this before, because I don't make a habit of changing settings that I am not familiar with. Sorry for any trouble I may have caused, and thank you for the help.
Assignee | ||
Comment 8•12 years ago
|
||
wiki.mozilla.org has been given it's own IP, so users who don't have SNI support will no longer see certificate issues.
Assignee | ||
Updated•12 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Updated•11 years ago
|
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
Updated•5 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•