1. Shana Project Avatar Shana Project
  2. Untitled project
  3. Shana Project
  4. Issues

https feed not working

Issue #60 new
Pieter van der Kooi created an issue

I believe that the problem has to do with the fact that you are using cloudflare. It does work on http however so that is what I am using currently.

Just changed it back to https to get the error it was throwing out in flexget.

2015-03-24 15:13 CRITICAL plugin        anime-shanaproject.com Unable to download the RSS for task anime-shanaproject.com (https://www.shanaproject.com/feeds/secure/user/*******/): hostname 'www.shanaproject.com' doesn't match either of 'ssl2000.cloudflare.com', 'cloudflare.com', '*.cloudflare.com'
2015-03-24 15:13 WARNING  task          anime-shanaproject.com Aborting task (plugin: rss)

It basically doesn't trust the site since the certificates do not seem to be valid. If you know what is happening it is not a huge problem since you can just switch back to http but since it defaults to https it might be a problem for users who don't understand this.

Comments (6)

  1. Shana Project repo owner

    Looks like some torrent clients (probably uTorrent too) are simply incompatible with SSL over Cloud Flare. This whole "https" experiment has mostly been a complete failure =( Perhaps we should just revert it and look at doing it all again in the future properly using our own SSL cert or something =(

  2. Pieter van der Kooi reporter

    Wouldn't completely scrap the idea but setting it as the default in its current state might not be a great idea, it might scare off visitors that can't get it to work in their first try. Maybe you could still allow people to use the https version if they wanted to but have the regular http version as the default setting till the https version gets fixed? :)

    Took the time to do some light googling and this behaviour doesn't seem like the way it is intended. I do think the following tweet is describing the exact problem that you are having with Shana Project. https://twitter.com/sedward5/status/522130911748702210

    Maybe it would be worth the effort of checking with Cloudflare if they can be of any assistance in this case?

  3. Shana Project repo owner

    I've changed the default links on the settings page back to http until I can further investigate.

  4. PH3death3R

    it seems out of the box flexget (python 2.x) doesn't support SNI which is what cloudflare uses to give everyone free ssl support (switching to a paid version of cloudflare would 'solve' this as then you will get a ip address for your site and a RSA certificate instead of a ECDSA one)

    https://en.wikipedia.org/wiki/Server_Name_Indication

    flexget ticket about the issue http://discuss.flexget.com/t/http-error-503-due-to-cloudflare/658 http://www.flexget.com/ticket/2800

    a answer to possible get SNI working on python 2.x (i have not tested this) https://stackoverflow.com/questions/18578439/using-requests-with-tls-doesnt-give-sni-support/18579484#18579484

  5. Shana Project repo owner

    So basically its a problem with many torrent clients... not much we can do then unless we want to not use CloudFlare for https (which in hindsight has been a mistake/waste of time)

  6. PH3death3R

    CloudFlare for https will work properly if you get one of there paid plans (20$ a month) as then you will get a normal (RSA) certificate and nobody has to support SNI

    if you go to https://www.cloudflare.com/plans/ and scroll down all the way to the SSL heading then look for 'Browser support' the paid plans will support all browsers

    note at my work we have had the same problem and switching to the paid plan worked, but that all depends on if you want to spend 20$ a month on it

    p.s. i am loving the free service you provide with this site, excellent job!

  7. Log in to comment
Assignee
Type
bug
Priority
minor
Status
new
Votes
0
Watchers
3
Jira: the preferred issue tracker for Bitbucket. Join the team!