[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-users] SSL cert for git0.savannah.gnu.org: wrong host
From: |
Marcus Müller |
Subject: |
Re: [Savannah-users] SSL cert for git0.savannah.gnu.org: wrong host |
Date: |
Wed, 9 Aug 2017 01:29:18 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 |
Hi Bob,
thanks for getting back to me!
> Where did you see git0.savannah.gnu.org documented so that this may be
> corrected?
I got that URL from the gitweb instance [1] that the autoconf savannah
page [2] points to.
Admittedly, the savannah page itself has a non-TLS variant of the URL:
git clone http://git.sv.gnu.org/r/autoconf.git
but: non-TLS http for source code distribution felt like it shouldn't be
the recommended way, so I payed no further attention to that http://…
URL, and just clicked through to the webgit to figure out a way of
cloning that would allow to check authenticity of the remote!
> BTW... We are already using Let's Encrypt certificates for all of the
> site certificates.
I saw that, I just thought you might have missed that specific git0...
subdomain :)
Best regards,
Marcus
[1] http://git.sv.gnu.org/gitweb/?p=autoconf.git, redirects to
http://git.savannah.gnu.org/gitweb/?p=autoconf.git
[2] https://www.gnu.org/software/autoconf/autoconf.html
On 09.08.2017 01:12, Bob Proulx wrote:
> Marcus Müller wrote:
>> https://git0.savannah.gnu.org is unusable at the moment, since the SSL
>> certificate is for bzr.savannah.gnu.org; noticed that when trying to
>> clone the autoconf repo.
>
> You have a typo in your URL. You are using git0.savannah.gnu.org but
> that is the underlying node hostname. You should be using the virtual
> name git.savannah.gnu.org, without the "0" part.
>
> https://savannah.gnu.org/git/?group=autoconf
>
> Where did you see git0.savannah.gnu.org documented so that this may be
> corrected?
>
>> See openssl output below:
> ...
>> Could someone please fix that by getting a Let's Encrypt cert for the
>> actual git0 subdomain?
>
> Regardless of the typo we appreciate the reports. :-)
>
> BTW... We are already using Let's Encrypt certificates for all of the
> site certificates.
>
> Thanks,
> Bob
>