[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Invalid X.509 certificate for bugs.gnu.org
|
From: |
Ludovic Courtès |
|
Subject: |
Re: Invalid X.509 certificate for bugs.gnu.org |
|
Date: |
Sun, 24 Apr 2016 14:27:28 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Jim Meyering <address@hidden> skribis:
> On Tue, Apr 19, 2016 at 1:09 PM, Glenn Morris <address@hidden> wrote:
>> Ludovic Courtès wrote:
>>
>>> The X.509 certificate for debbugs.gnu.org aka. bugs.gnu.org lacks
>>> "bugs.gnu.org" in its Common Name. Thus, people get a warning when
>>> trying to connect to <https://bugs.gnu.org>.
>>>
>>> Would it be possible to add "bugs.gnu.org" to the certificate?
>>
>> I asked the FSF sysadmins about this when we originally got https, over
>> a year ago. At the time, we concluded it wasn't worth the bother.
>> It either required buying another cert, or some non-trivial configuration.
>>
>> Maybe things have changed since then, eg letsencrypt.org.
>>
>> I'm tempted to just wait till the existing cert expires in November.
>>
>> Personally I've never much liked the "bugs" alias anyway...
>
> It would be nice to support it. We (coreutils, grep, diffutils and
> probably others) tend to prefer the shorter URLs,
Same here.
Let’s Encrypt indeed makes it easy to add host names to a certificate,
should the FSF sysadmins switch to that.
Ludo’.