Em junho 19, 2020 5:01 Egor Kovetskiy via arch-devops escreveu:

Hello,

tracker.archlinux.org has an invalid certificate with CN = archive.archlinux.org

$ openssl s_client -showcerts -connect tracker.archlinux.org:443 <<< "" 2>&1 | grep subject=CN subject=CN = archive.archlinux.org

The link was found on https://github.com/archlinux/infrastructure

Yes, if you access over https. But the tracker actually is listening on the bittorrent port with the correct certificate. I think we could fix this on the nginx side with either a redirection, or we could fix on the cert side, by combining all the cn's of that machine on the same cert. Since this machine is due to migration this week, I don't think we should touch it right now. Regards, Giancarlo Razzolini