* bug#35896: 27.0.50; Gmane certificate host does not match hostname
@ 2019-05-25 11:53 Stefan Monnier
2019-05-25 12:54 ` Andreas Schwab
0 siblings, 1 reply; 3+ messages in thread
From: Stefan Monnier @ 2019-05-25 11:53 UTC (permalink / raw
To: 35896
Package: Emacs
Version: 27.0.50
Whenever gmane update their certificate NSM asks me for confirmation,
saying:
The TLS connection to news.gmane.org:nntp is insecure for the following
reason:
certificate host does not match hostname
If I look at the certificate info above I see:
Issued to: CN=news.gmane.org
Hostname: news.gmane.org
So to me, it looks like the hostname matches, except maybe for the "CN="
which seems like a mistake. Is that a mistake on our side or on Gmane's
or on Let's Encrypt?
Stefan
^ permalink raw reply [flat|nested] 3+ messages in thread
* bug#35896: 27.0.50; Gmane certificate host does not match hostname
2019-05-25 11:53 bug#35896: 27.0.50; Gmane certificate host does not match hostname Stefan Monnier
@ 2019-05-25 12:54 ` Andreas Schwab
2019-05-25 16:03 ` Stefan Monnier
0 siblings, 1 reply; 3+ messages in thread
From: Andreas Schwab @ 2019-05-25 12:54 UTC (permalink / raw
To: Stefan Monnier; +Cc: 35896
On Mai 25 2019, Stefan Monnier <monnier@iro.umontreal.ca> wrote:
> Whenever gmane update their certificate NSM asks me for confirmation,
> saying:
>
> The TLS connection to news.gmane.org:nntp is insecure for the following
> reason:
>
> certificate host does not match hostname
Are you sure the question is about news.gmane.org, not news.gwene.org?
Andreas.
--
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 7578 EB47 D4E5 4D69 2510 2552 DF73 E780 A9DA AEC1
"And now for something completely different."
^ permalink raw reply [flat|nested] 3+ messages in thread
* bug#35896: 27.0.50; Gmane certificate host does not match hostname
2019-05-25 12:54 ` Andreas Schwab
@ 2019-05-25 16:03 ` Stefan Monnier
0 siblings, 0 replies; 3+ messages in thread
From: Stefan Monnier @ 2019-05-25 16:03 UTC (permalink / raw
To: Andreas Schwab; +Cc: 35896-done
>> Whenever gmane update their certificate NSM asks me for confirmation,
>> saying:
>>
>> The TLS connection to news.gmane.org:nntp is insecure for the following
>> reason:
>>
>> certificate host does not match hostname
>
> Are you sure the question is about news.gmane.org, not news.gwene.org?
I didn't copy&paste the text (because the prompt is not a minibuffer
and here I'm exposed to the undesirable difference ;-), so maybe you're
right: maybe I didn't read carefully enough to notice it said "gwene"
instead of "gmane".
[...comparing my network-security.data with my backup's...]
Yup, you're right, it seems that it was gwene's so I guess it's
a misconfiguration there where they share a single certificate but only
tell Letsencrypt about one of the two names.
Thanks,
Stefan
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-05-25 16:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-05-25 11:53 bug#35896: 27.0.50; Gmane certificate host does not match hostname Stefan Monnier
2019-05-25 12:54 ` Andreas Schwab
2019-05-25 16:03 ` Stefan Monnier
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.