[arch-devops] Invalid SSL CN on tracker.archlinux.org
Giancarlo Razzolini
grazzolini at archlinux.org
Wed Jun 24 02:06:10 UTC 2020
Em junho 19, 2020 5:01 Egor Kovetskiy via arch-devops escreveu:
> Hello,
>
> tracker.archlinux.org has an invalid certificate with CN =
> archive.archlinux.org
>
> $ openssl s_client -showcerts -connect tracker.archlinux.org:443 <<< ""
> 2>&1 | grep subject=CN
> subject=CN = archive.archlinux.org
>
> The link was found on https://github.com/archlinux/infrastructure
>
Yes, if you access over https. But the tracker actually is listening on the bittorrent port with the
correct certificate. I think we could fix this on the nginx side with either a redirection, or we could
fix on the cert side, by combining all the cn's of that machine on the same cert.
Since this machine is due to migration this week, I don't think we should touch it right now.
Regards,
Giancarlo Razzolini
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-devops/attachments/20200623/d98c856e/attachment.sig>
More information about the arch-devops
mailing list