On Sat, 2 Mar 2013 06:12:22 +0100 Polytropon articulated: > On Fri, 01 Mar 2013 10:42:58 -0500, Fbsd8 wrote: > > Javad Kouhi wrote: > > > Also no problem with FreeBSD 9.1 and chromium. But sometimes ago > > > I have this problem with all https sites. because the government > > > forged the wrong SSL certificate and my browser and my browser > > > warned me about it. Do you have this problem with other websites? > > > > > > On Fri, Mar 1, 2013 at 6:02 PM, Zyumbilev, Peter > > > <pe...@aboutsupport.com>wrote: > > >> > > >> On 01/03/2013 16:14, Ralf Mardorf wrote: > > >> > > >>> [1] $ firefox -version > > >>> Mozilla Firefox 19.0 > > >>> > > >> No problem with SeaMonkey 2.16. > > >> > > I use xp browser and it's certificate checking is enabled. > > You are sure using a more than 10 year old system should > be considered safe enough to provide a reference? > > > Maybe the browsers running from xorg desktops are NOT certificate > > aware so them not getting the error warning would be expected. > > They are. Or to be correct: The most prominent ones are, > like Firefox, Chrome, and Opera. More lightweight browsers > like dillo actually might not have this functionality. > > > The fact remains, the ms/browsers do find the wiki.freebsd.org > > wedsite's certificate invalid because the certificate ip address > > does not match the ip address the public dns points to. > > As it has been mentioned, one certificate can be used for > several IP addresses. Both www and wiki are located at > 8.8.178.110 (returned by "host" command), so there might > be a DNS issue or something comparable strange... > > I've checked with Opera 11.50 here, no problems.
I think Brad Mettee nailed it with his response. <quote> And in this particular case, the certificate is for www.freebsd.org and freebsd.org, and the browser is complaining because it's being used on wiki.freebsd.org. Their certificate should have been issued for *.freebsd.org instead of just the main site name. Unfortunately I think all of the certificate issuers charge big $$$ for that type of cert...... </quote> I have seen this sort of thing several times before with different sites. The older versions of Firefox never picked up on it as often as IE would. I just tried this site using IE and immediately received the error message. The message stating: "The security certificate presented by this website was issued for a different website's address. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server." It then went on to give me the normal options of leaving the site or ignoring the error. Interestingly enough, Firefox, on the same machine, does not provide any indication that the certificate is questionable. Given the choice of being warned about a questionable certificate or having the browser silently ignore it, I would choose to be warned about it. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
