[Bug 1312127] Re: wget tries to get certificate from wrong server

Thu, 24 Apr 2014 05:06:28 -0700 

Ubuntu 14.04 works better. Under similar conditions, AAAA record is
ignored and wget downloads certificate from correct server:

$ wget -d
https://www.digicert.com/CACerts/DigiCertSHA2ExtendedValidationServerCA.crt

DEBUG output created by Wget 1.15 on linux-gnu.

URI encoding = ‘UTF-8’
--2014-04-24 13:54:34--  
https://www.digicert.com/CACerts/DigiCertSHA2ExtendedValidationServerCA.crt
Resolving www.digicert.com (www.digicert.com)... 64.78.193.234
Caching www.digicert.com => 64.78.193.234
Connecting to www.digicert.com (www.digicert.com)|64.78.193.234|:443... 
connected.
Created socket 3.
Releasing 0x00000000006ff3f0 (new refcount 1).
Initiating SSL handshake.
Handshake successful; connected socket 3 to SSL handle 0x00000000006ff670
certificate:
  subject: /businessCategory=Private 
Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Utah/serialNumber=5299537-0142/street=Suite
 500/street=2600 West Executive 
Parkway/postalCode=84043/C=US/ST=Utah/L=Lehi/O=DigiCert, 
Inc./CN=www.digicert.com
  issuer:  /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended 
Validation Server CA
X509 certificate successfully verified and matches host www.digicert.com

---request begin---
GET /CACerts/DigiCertSHA2ExtendedValidationServerCA.crt HTTP/1.1
User-Agent: Wget/1.15 (linux-gnu)
Accept: */*
Host: www.digicert.com
Connection: Keep-Alive
...


$ host -a www.digicert.com
Trying "www.digicert.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14219
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.digicert.com.              IN      ANY

;; ANSWER SECTION:
www.digicert.com.       299     IN      A       64.78.193.234
www.digicert.com.       0       IN      AAAA    ::ffff:67.215.65.132

Received 78 bytes from 127.0.1.1#53 in 27 ms

$ host -t A www.digicert.com
www.digicert.com has address 64.78.193.234

$ host -t AAAA www.digicert.com
www.digicert.com has no AAAA record

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1312127

Title:
  wget tries to get certificate from wrong server

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1312127/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to