Page MenuHomePhabricator

www.* has a bad certificate
Closed, DeclinedPublic


Sites such as and redirect to their non-www equivalents (, However, when accessing these www. sites over HTTPS there is a host mismatch, as wildcard certificates are not valid for multiple levels of subdomain. As such, visiting throws an invalid certificate error.

Version: wmf-deployment
Severity: normal



Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:45 AM
bzimport added a project: HTTPS.
bzimport set Reference to bz72182.
bzimport added a subscriber: Unknown Object (MLST).

Why are you visitng these domains?

There isn't any nice way of fixing this, as WMF isn't going to waste money on buying sub-subdomain SSL certs...

(In reply to Sam Reed (reedy) from comment #1)

Why are you visiting these domains?

As I understand it, there's a reason that and similar URLs were created: it's convention and standard practice for this type of domain format to function properly. There are older Bugzilla bugs about this, I believe.

(In reply to MZMcBride from comment #2)

There are older Bugzilla bugs about this, I believe.

Specifically bug 1698.