On 23/12/2013 sebb wrote:
... http://wiki.services.openoffice.org/wiki/Documentation/FAQ/Installation
Confirm with IE, which reports a certificate for *.apache.org (Thawte)
I've seen it happening from time to time, regardless of the browser I
use, but randomly: at times, loading a wiki page gives the "certificate
mismatch" error, but I am unable to reproduce it consistently. Almost
always the certificate is correct and the browser does not complain.
Today I could investigate it better. At the time of writing this, if I open
http://wiki.services.openoffice.org/wiki/Documentation/FAQ/Installation
with any of the browsers I commonly use, the certificate I get is the
right one (for *.openoffice.org, issued 11 June 2013). Though, if I fire
up an old Konqueror I get the *.apache.org certificate, issued on 20
December 2011, and thus the "mismatch" warning.
Experience with wget is quite complex too.
With wget 1.12:
$ wget https://wiki.openoffice.org/wiki/Documentation/FAQ/Installation
ERROR: certificate common name “*.apache.org” doesn’t match requested
host name “wiki.openoffice.org”.
With wget 1.14:
$ wget https://wiki.openoffice.org/wiki/Documentation/FAQ/Installation
[works as expected]
With wget 1.13.4 from ooo-wiki2-vm (so this is repeatable by others):
$ wget https://wiki.openoffice.org/wiki/Documentation/FAQ/Installation
ERROR: certificate common name `*.apache.org' doesn't match requested
host name `wiki.openoffice.org'.
To avoid misunderstandings: this page does not currently contain any
"insecure" content. This is a separate problem, see below.
Might it be that the *.apache.org certificate is served as a fallback to
some older clients that for some reason do not support the
*.openoffice.org one?
Does not happen in Firefox for me either, though I do get a shield
icon [1] indicating that there is some http: reference that needs to
be changed to https:
[IE also reports the same issue, if one ignores the cert. error]
I investigated this on the VM as far as my permissions allow. It should
be due to the hardcoded "http" in the file GoogleCoop/GoogleCoop.php
To work around this, I've temporarily removed the "Search within the
FAQs" function that was including Google CSE via http, see
https://wiki.openoffice.org/w/index.php?title=Documentation%2FFAQ%2FInstallation&diff=232487&oldid=188626
Does this solve the "insecure content" problem for you? It does for me.
The right fix would then to change http to https in
GoogleCoop/GoogleCoop.php but I can't modify that file.
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
