We ran across this a couple of days ago. One of the Mac browsers gave a
phishing warning.
I just tried it on XP (IE, FF and GC) but got no warning.
Mike
-Original Message-
From: Dan LeGate [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 16, 2008 8:11 PM
To: CF-Talk
Subject: Period at end of domain name causes SSL warnings
An interesting situation arose when someone sent an email with our
server URL that included a period (dot) at the end of the domain name
like this:
http://www.servername.edu.
and they actually included the period as part of the link. It throws a
nasty SSL warning.
Strangely, it does not say "server not found". Instead, it goes to the
server, but when the SSL portion of the page loads, a big fat SSL
warning shows up because "www.servername.edu." does NOT match the SSL
name of "www.servername.edu"
Even more strange, utilities like ping, nslookup and tracert all allow
this convention as well, without throwing "not found" errors.
Interestingly Google Chrome does NOT complain about a mismatched SSL
name.
Anyway, anyone seen this? Can anyone shed some light as to why a period
at the end of a hostname is "acceptable"?
I tried searching Google for [(dot OR period) "end of (domain OR server)
name"] but it didn't come up with much.
Any insight is appreciated.
Dan
~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;203748912;27390454;j
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312665
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
