Page MenuHomePhabricator
Create Task
Maniphest T74182

www.*.wikimedia.org has a bad certificate
Closed, DeclinedPublic
Actions

Description

Sites such as www.en.wikipedia.org and www.commons.wikimedia.org redirect to their non-www equivalents (en.wikipedia.org, commons.wikimedia.org). However, when accessing these www. sites over HTTPS there is a host mismatch, as wildcard certificates are not valid for multiple levels of subdomain. As such, visiting https://www.en.wikipedia.org throws an invalid certificate error.

Version: wmf-deployment
Severity: normal

Details

Reference
bz72182

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:45 AM
bzimport added a project: HTTPS.
bzimport set Reference to bz72182.
bzimport added a subscriber: Unknown Object (MLST).
MC8 created this task.Oct 17 2014, 12:36 PM
Reedy added a comment.Oct 17 2014, 12:41 PM

Why are you visitng these domains?

There isn't any nice way of fixing this, as WMF isn't going to waste money on buying sub-subdomain SSL certs...

MZMcBride added a comment.Oct 17 2014, 12:45 PM

(In reply to Sam Reed (reedy) from comment #1)

Why are you visiting these domains?

As I understand it, there's a reason that www.commons.wikimedia.org and similar URLs were created: it's convention and standard practice for this type of domain format to function properly. There are older Bugzilla bugs about this, I believe.

MZMcBride added a comment.Oct 17 2014, 12:48 PM

(In reply to MZMcBride from comment #2)

There are older Bugzilla bugs about this, I believe.

Specifically bug 1698.

Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL