ppa.launchpad.net has incorrect SSL cert applied
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
New
|
Undecided
|
Unassigned | ||
Bug Description
It has been noticed that the ssl cert on https:/
$ curl --verbose https:/
* Trying 91.189.95.85:443...
* TCP_NODELAY set
* Connected to ppa.launchpad.net (91.189.95.85) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=private-
* start date: Sep 19 02:50:43 2021 GMT
* expire date: Dec 18 02:50:42 2021 GMT
* subjectAltName does not match ppa.launchpad.net
* SSL: no alternative certificate subject name matches target host name 'ppa.launchpad.net'
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (60) SSL: no alternative certificate subject name matches target host name 'ppa.launchpad.net'
| Colin Watson (cjwatson) wrote | #1 |
ppa.launchpad.net is not intended to support being used over HTTPS. We have a plan in progress for allowing access to public PPAs over HTTPS, but it will involve a different host name. See bug 1473091.