[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#751883: marked as done (planet.debian.org: https://planet.debian.org broken (certificate and webpage))

Your message dated Mon, 23 Jun 2014 08:27:33 +0200
with message-id <20140623062733.GB22970@anguilla.noreply.org>
and subject line Re: Bug#751883: planet.debian.org: https://planet.debian.org broken (certificate and webpage)
has caused the Debian Bug report #751883,
regarding planet.debian.org: https://planet.debian.org broken (certificate and webpage)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
751883: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751883
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: www.debian.org
Severity: important

Dear Maintainer,

trying to use planet.debian.org with https results in two problems:

1. certificate does not match:
$ wget https://planet.debian.org/
--2014-06-17 14:55:30--  https://planet.debian.org/
Resolving planet.debian.org (planet.debian.org)... 198.232.124.192
Connecting to planet.debian.org (planet.debian.org)|198.232.124.192|:443... connected.
The certificate's owner does not match hostname 'planet.debian.org'

$ echo GET | openssl s_client -connect planet.debian.org:443 -state
CONNECTED(00000003)
SSL_connect:before/connect initialization
...
verify error:num=19:self signed certificate in certificate chain
verify return:0
...
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/CN=*.netdna-ssl.com
issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
---
No client certificate CA names sent
---
SSL handshake has read 5413 bytes and written 449 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 39A093E7D374EFFC63A99EFE808CC54BCC20E52D29EC5A156291B3B5F34E08AB
    Session-ID-ctx: 
    Master-Key: AB0A9B908EB7E87E186F8C86EAAF7D1661606E7768D3EF9FBF3BB0C9FFA3F3E8FCB23C9DA48DB89EB1DC265975B224BC
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 20 3d ab 9f c0 73 80 26-d5 80 17 63 02 36 62 9e    =...s.&...c.6b.
    0010 - 81 b2 99 aa ad e5 0f 94-b0 4b a9 7e 15 0a e8 51   .........K.~...Q
    0020 - 22 64 50 ed 5b 68 f0 47-88 ca f2 1a a1 ee 17 68   "dP.[h.G.......h
    0030 - db 2a 02 d8 69 97 07 a3-f9 2d c3 32 9b af 8a 4d   .*..i....-.2...M
    0040 - b6 c0 86 25 b5 f9 22 dd-27 5b 9d 07 85 a1 23 bc   ...%..".'[....#.
    0050 - 5e 77 83 d3 e8 94 2e ee-99 2a 7e b4 fc b6 43 5a   ^w.......*~...CZ
    0060 - e0 de 88 57 93 dc 28 76-4f 85 53 06 b4 7c dc ff   ...W..(vO.S..|..
    0070 - 86 00 9a dd 91 21 dc 6a-a2 a8 8a 3b 60 5d ad f9   .....!.j...;`]..
    0080 - 52 ee bd 12 75 91 72 ce-65 69 c4 71 b4 f7 ec d1   R...u.r.ei.q....
    0090 - 50 50 ca 65 21 e5 df 9e-83 d8 e7 8b 75 e7 65 15   PP.e!.......u.e.

    Start Time: 1403009978
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
DONE
SSL3 alert write:warning:close notify


2. and the presented webpage is just a placeholder:
$ wget --no-check-certificate https://planet.debian.org/
--2014-06-17 14:57:47--  https://planet.debian.org/
Resolving planet.debian.org (planet.debian.org)... 198.232.124.192
Connecting to planet.debian.org (planet.debian.org)|198.232.124.192|:443... connected.
The certificate's owner does not match hostname 'planet.debian.org'
HTTP request sent, awaiting response... 200 OK
Length: 83 [text/html]
Saving to: 'index.html'

100%[======================================>] 83          --.-K/s   in 0s      

2014-06-17 14:57:47 (50.7 MB/s) - 'index.html' saved [83/83]

$ cat index.html 
You are hitting the MaxCDN Frankfurt Datacenter<br>
<img src=netdna.gif?city=15 >


Thank you for fixing.:)

Regards

	Noël


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---
--- Begin Message --- 
On Tue, 17 Jun 2014, Noël Köthe wrote:

> trying to use planet.debian.org with https results in two problems:
> 
> 1. certificate does not match:

Planet is not, at this time, available over https.

-- 
                           |  .''`.       ** Debian **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/

--- End Message ---
Reply to: