Page MenuHomePhabricator

www.*.wikimedia.org has a bad certificate
Closed, DeclinedPublic

Description

Sites such as www.en.wikipedia.org and www.commons.wikimedia.org redirect to their non-www equivalents (en.wikipedia.org, commons.wikimedia.org). However, when accessing these www. sites over HTTPS there is a host mismatch, as wildcard certificates are not valid for multiple levels of subdomain. As such, visiting https://www.en.wikipedia.org throws an invalid certificate error.


Version: wmf-deployment
Severity: normal

Details

Reference
bz72182

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:45 AM
bzimport added a project: HTTPS.
bzimport set Reference to bz72182.
bzimport added a subscriber: Unknown Object (MLST).

Why are you visitng these domains?

There isn't any nice way of fixing this, as WMF isn't going to waste money on buying sub-subdomain SSL certs...

(In reply to Sam Reed (reedy) from comment #1)

Why are you visiting these domains?

As I understand it, there's a reason that www.commons.wikimedia.org and similar URLs were created: it's convention and standard practice for this type of domain format to function properly. There are older Bugzilla bugs about this, I believe.

(In reply to MZMcBride from comment #2)

There are older Bugzilla bugs about this, I believe.

Specifically bug 1698.