savannah-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-users] savannah.gnu.org certificate expired?

From: James Cloos
Subject: Re: [Savannah-users] savannah.gnu.org certificate expired?
Date: Thu, 06 Mar 2014 20:05:27 -0500
User-agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.3.50 (gnu/linux) 
>>>>> "BP" == Bob Proulx <address@hidden> writes:

BP> In order to support sv.gnu.org and sv.nongnu.org it would need four
BP> total certificates.

No.

As I mentioned the two certs could mention the aliases in the
subjectAltName block.

And sni would not be required; the clients would be happy just with each
of the possible names in subjectAltName.

BP> I still have a dump from the previous certificates.  They are
BP> specifically savannah.gnu.org and one for savannah.nongnu.org.

Ok.  So it is not a regression.  (Or at least not now; perhaps it hasn't
worked since the self-signed certs were replaced.  Or maybe it never
worked with https.)

While eating I remembered that sv vs https had come up before; perhaps
years ago.  But I do not remember whether it was on this list or elsewhere.

BP> Additional if you actually try to log in using sv.{non,}gnu.org then
BP> Savane complains of cookie problems.

Which suggests that sv only ever worked for http.

BP> it is not expected to use either of those names.

There were added to easy typing, so they are expected.  Just, it seems,
not for https.

Thanks for looking into it!

-JimC
--
James Cloos <address@hidden>         OpenPGP: 1024D/ED7DAEA6
reply via email to
[Prev in Thread] Current Thread [Next in Thread]