From owner-freebsd-questions@FreeBSD.ORG Sat Mar 2 05:12:25 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id DB84BD1E for ; Sat, 2 Mar 2013 05:12:25 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) by mx1.freebsd.org (Postfix) with ESMTP id 84DCBA3E for ; Sat, 2 Mar 2013 05:12:25 +0000 (UTC) Received: from r56.edvax.de (port-92-195-109-47.dynamic.qsc.de [92.195.109.47]) by mx02.qsc.de (Postfix) with ESMTP id EED122767E; Sat, 2 Mar 2013 06:12:17 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id r225CM3W002096; Sat, 2 Mar 2013 06:12:22 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Sat, 2 Mar 2013 06:12:22 +0100 From: Polytropon To: Fbsd8 Subject: Re: https://wiki.freebsd.org/ certificate error Message-Id: <20130302061222.75ebe236.freebsd@edvax.de> In-Reply-To: <5130CC82.4000607@a1poweruser.com> References: <5130B651.9030607@a1poweruser.com> <1362147256.788.3.camel@archlinux> <5130BC16.8020903@aboutsupport.com> <5130CC82.4000607@a1poweruser.com> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org, Javad Kouhi X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Mar 2013 05:12:25 -0000 On Fri, 01 Mar 2013 10:42:58 -0500, Fbsd8 wrote: > Javad Kouhi wrote: > > Also no problem with FreeBSD 9.1 and chromium. But sometimes ago I have > > this problem with all https sites. because the government forged the wrong > > SSL certificate and my browser and my browser warned me about it. Do you > > have this problem with other websites? > > > > On Fri, Mar 1, 2013 at 6:02 PM, Zyumbilev, Peter wrote: > > > >> > >> On 01/03/2013 16:14, Ralf Mardorf wrote: > >> > >>> [1] $ firefox -version > >>> Mozilla Firefox 19.0 > >>> > >> No problem with SeaMonkey 2.16. > >> > >> > >> Peter > I use xp browser and it's certificate checking is enabled. You are sure using a more than 10 year old system should be considered safe enough to provide a reference? > Maybe the browsers running from xorg desktops are NOT certificate aware > so them not getting the error warning would be expected. They are. Or to be correct: The most prominent ones are, like Firefox, Chrome, and Opera. More lightweight browsers like dillo actually might not have this functionality. > The fact remains, the ms/browsers do find the wiki.freebsd.org wedsite's > certificate invalid because the certificate ip address does not match > the ip address the public dns points to. As it has been mentioned, one certificate can be used for several IP addresses. Both www and wiki are located at 8.8.178.110 (returned by "host" command), so there might be a DNS issue or something comparable strange... I've checked with Opera 11.50 here, no problems. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...