Re: This site is not secure continues
by RonW (Parson) on Jun 27, 2018 at 20:14 UTC
|
The URL https://perlmonks.pairsite.com/ always goes to a server with the "*.pairsite.com" certificate, so does not have certificate issues.
Yes, it's a work around, but once it's bookmarked, your certificate headaches are over.
Also, this is something that only Pair Networks can fix. It is a server configuration issue, not a website issue.
And, please note that Perlmonks.org is being hosted for free. The time employees of Pair Networks spend on supporting the servers that host perlmonks.org is their personal time, which they do not get paid for.
We, the Monks, are getting amazingly good service. Extremely few other hosting companies would be willing to provide even a 10th the level of service that Pair is providing to us - for free.
| [reply] |
|
The URL https://perlmonks.pairsite.com always goes to a server with the "*.pairsite.com" certificate, so does not have certificate issues.
For me, connecting this morning to https://perlmonks.pairsite.com/ is failing to avoid the problem, and I get the dreaded "There is a problem with this website’s security certificate" page.
(Today is the first time I've experienced the problem when connecting to https://perlmonks.pairsite.com, and it's persisting.)
OTOH, connecting to https://www.perlmonks.org/?node_id=3628 is presently working fine - though the security problem with that particular URL has always been intermittent for me.
Cheers, Rob
| [reply] |
|
| [reply] |
|
|
See also Corion's post here, this means that currently perlmonks.com should always work, and hopefully they'll get it straightened out so that perlmonks.org and perlmonks.net also work. I'm not sure what'll happen to perlmonks.pairsite.com - at the moment it seems to be having DNS issues.
| [reply] [d/l] [select] |
|
|
|
A reply falls below the community's threshold of quality. You may see it by logging in. |
Re: This site is not secure continues
by rminner (Chaplain) on Jun 27, 2018 at 21:13 UTC
|
Problem Summary:
- 209.197.123.153 is configured with a certificate issued for dns entries matching *.pairsite.com
- perlmonks.(com|net|org) have an A record pointing to 209.197.123.153
As a consequence, whenever one is directed to the pairsite mirror, one gets a security warning, because the subject alternative name in the certificate, does not match the dns name used for contacting the host.
Possible solutions:
- configure the pairsite mirror to use the letsencrypt certificate
- remove 209.197.123.153 for the dns entries where its certificate does not match (perlmonks.com,perlmonks.net,perlmonks.org,...)
I love this site. I greatly appreciate the effort put into this site by the volunteer administrators. This problem however annoys me quite a bit. I want to see it fixed. I therefore volunteer to fix it. This would however require trusting me with the credentials required for the changes. I am offering my time, in case this is the limiting factor. If anybody else fixes it, i am also very happy. As an alternative solution i offer a beer to the person who fixes it ;).
Details:
rminner@hamster530:~$ date
Mi 27. Jun 23:08:54 CEST 2018
rminner@hamster530:~$ for i in `dig +short perlmonks.org`; do echo -en
+ "$i: \n\t" ; echo "Q" | openssl s_client -connect $i:443 2> /dev/nul
+l| openssl x509 -text -noout | sed -n '/X509v3 Subject Alternative N
+ame/{n;s/^\s*//;s/, /\n\t/g;p;}'; done
216.92.34.251:
DNS:css.perlmonks.com
DNS:css.perlmonks.net
DNS:css.perlmonks.org
DNS:perlmonks.com
DNS:perlmonks.net
DNS:perlmonks.org
DNS:www.perlmonks.com
DNS:www.perlmonks.net
DNS:www.perlmonks.org
66.39.54.27:
DNS:css.perlmonks.com
DNS:css.perlmonks.net
DNS:css.perlmonks.org
DNS:perlmonks.com
DNS:perlmonks.net
DNS:perlmonks.org
DNS:www.perlmonks.com
DNS:www.perlmonks.net
DNS:www.perlmonks.org
209.197.123.153:
DNS:*.pairsite.com
DNS:pairsite.com
rminner@hamster530:~$
| [reply] [d/l] |
Re: This site is not secure continues
by atcroft (Abbot) on Jun 27, 2018 at 18:16 UTC
|
If you will refer to Re^4: Certificate confusion (was: Clear text passwords), you will see (and can test yourself) that of the 3 IP addresses that refer to /(?:www\.)?perlmonks\.(?:com|net|org)/, the 209.197.123.153 IP address appears to be returning the '*.pairsite.com' certificate, rather than the appropriate 'perlmonks.org' certificate.
While I agree that the recent certificate-related issues are frustrating, the load balancers used by the PerlMonks site have nothing against you personally, and is not part of an evil plan to drive you away from perl/into the arms of another language.
My advice (for what it is worth): hang in there, roll with the punches, and try to have yourself a good day today (and a better one tomorrow).
| [reply] [d/l] |
|
And that's not to mention that on a site that's maintained by purely volunteer effort, an anonymous demand that someone else snap to and get a problem squared away is likely to be met by a response that's less than galvanic. (And that assumes that the problem is one that PerlMonks can address; I'm still not clear about the division of responsibility between perlmonks.org and pair.com. But I don't really care about that: I've resolved my problem by always logging on to perlmonks.pairsite.com.)
Give a man a fish: <%-{-{-{-<
| [reply] [d/l] |
Re: This site is not secure continues
by LanX (Saint) on Jun 27, 2018 at 16:10 UTC
|
Sad news, who's going to post anonymously now??? :´(
| [reply] |