ssl certificate for does not match common name

Create issue
Issue #2137 wontfix
Roland Haas created an issue

Frank's checker at:

reports a wrong common name in the certificate for which is confirmed by

this makes connecting to using ssl impossible (or at least one needs to grant a security exception).

Only minor b/c right now seems to not use ssl anyway (though it should do so at least for the login to drupal).


Comments (7)

  1. Steven R. Brandt
    • removed comment

    Actually, the problem is worse than that. has become Let me look into this.

  2. Steven R. Brandt
    • removed comment

    I thought I'd cleared this long ago, and I don't see any problem. Both and both work for me.

  3. Roland Haas reporter
    • removed comment

    It works for me as well. Yet the monitor script referenced above (​ complains. ssl checker ( notes that a SHA1 signature is used which is somewhat unsafe these days.

    The wrong common name might be reported by gnutls-cli (but not openssl) which also seems to indicate that openssl is doing the "right thing".

    Note that the version of gnutls-cli on my Linux box (3.5.18) does not produce the warning.

    So it seems we should

    1. close this ticket as "worksforme"
    2. check the cgi script and update the gnutls-cli version it uses
  4. Roland Haas reporter
    • edited description
    • changed status to wontfix

    The SSL certs are ok, Frank's checking script uses a version of gnutls that complains about things that are explicitly allowed and wants things that are explicitly not liked.

  5. Log in to comment