GNOME Bugzilla – Bug 639890
SSL does not work
Last modified: 2013-07-02 20:28:11 UTC
The https://planet.gnome.org/ URL does not load properly. It presents an invalid certificate (which is only valid for www.gnome.org), and if validation is skipped, presents the default RHEL apache installed web site. Please get a new certificate for the planet domain, or add the domain to the existing certificate, and point the apache config at the proper web site location.
Confirmed, however this is something for the sysadmin team.
planet.gnome.org is on a shared host. It doesn't have SSL.
SSL has been enabled on planet.gnome.org. Closing.
Not sure if it is related, but my Tiny Tiny RSS installation now generates errors when pulling the feed from https://planet.gnome.org/rss20.xml. Running curl manually, I get # curl https://planet.gnome.org/rss20.xml curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
We recently moved planet.gnome.org to our proxies, I feel you were still caching the old DNS entry. Everything seems to work correctly here, and 'curl https://planet.gnome.org/rss20.xml' works just fine.
(In reply to comment #5) > We recently moved planet.gnome.org to our proxies, I feel you were still > caching the old DNS entry. Everything seems to work correctly here, and 'curl > https://planet.gnome.org/rss20.xml' works just fine. I'm still getting the same error today.
Apparently the wildcard certificate we're currently using on our proxies do have a different root's CA than the one we previously used and we were able to reproduce the issue on a Debian 6 machine. Do you mind installing the required root's CA from http://www.startssl.com/certs?
The (In reply to comment #7) > reproduce the issue on a Debian 6 machine. Do you mind installing the required > root's CA from http://www.startssl.com/certs? Problem is, that I'm running Tiny Tiny RSS on a hosted server, where I can't install SSL CA certificates.