Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re^2: All my links turned red (was: Clear text passwords)

by huck (Vicar)
on Jun 07, 2018 at 21:28 UTC ( #1216144=note: print w/replies, xml ) Need Help??


in reply to Re: Clear text passwords
in thread Clear text passwords

Then did Moses just reach the Promised Land?

All my links turned red, and upon looking closer i find myself diverted to https://www.perlmonks.org/......

is this a permanent thing now?

  • Comment on Re^2: All my links turned red (was: Clear text passwords)

Replies are listed 'Best First'.
Re^3: Certificate confusion (was: Clear text passwords)
by LanX (Bishop) on Jun 08, 2018 at 00:50 UTC
    It's confusing I sometimes get the *.pairsite.com certificate for https://perlmonks.org/ , which I have to accept manually.

    Since I remember that we are using at least two servers for load balancing, my first guess is that one of the apaches has the wrong cert-file in place.

    For me:

    all other combinations I tried required a manual exception.

    update

    Forgot to test *.perlmonks.net with Firefox, but they seem to work fine with my mobile browser.

    Cheers Rolf
    (addicted to the Perl Programming Language :)
    Wikisyntax for the Monastery

      dig shows 3 IPs being round robin'd (robinned?). The Let's Encrypt SAN cert works on (www\.)?perlmonks\.(org)|(com)|(net), but the pairsite wildcard cert will only work on the pairsite domain, one subdomain deep. So www.perlmonks.pairsite.com will not work, authentication wise, with either cert. 3 Servers, 8 urls, 2 certs, one of which expires every 90 days, not the most enjoyable way to spend free time, I'm sure.

        Interestingly it looks like it has been setup correctly on 2 of the 3 servers

        $ host www.perlmonks.org www.perlmonks.org is an alias for perlmonks.org. perlmonks.org has address 209.197.123.153 perlmonks.org has address 66.39.54.27 perlmonks.org has address 216.92.34.251 $ openssl s_client -showcerts -servername www.perlmonks.org -connect 2 +09.197.123.153:443 </dev/null 2>&1| grep subject subject=/C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Sui +te 510/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by + pair Networks/OU=PairWildcardSSL $250,000/CN=*.pairsite.com $ openssl s_client -showcerts -servername www.perlmonks.org -connect 6 +6.39.54.27:443 </dev/null 2>&1| grep subject subject=/CN=perlmonks.org $ openssl s_client -showcerts -servername www.perlmonks.org -connect 2 +16.92.34.251:443 </dev/null 2>&1| grep subject subject=/CN=perlmonks.org
        There is more than one way to set up Apache to rewrite and find the cert.

        I'm sure the admins will find a stable way.

        The short term certificate is surely only meant for testing.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1216144]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (4)
As of 2018-10-19 23:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    When I need money for a bigger acquisition, I usually ...














    Results (111 votes). Check out past polls.

    Notices?
    • (Sep 10, 2018 at 22:53 UTC) Welcome new users!