You are viewing a plain text version of this content. The canonical link for it is here.

Posted to infrastructure-issues@apache.org by "David Nalley (JIRA)" <ji...@apache.org> on 2014/06/13 17:15:03 UTC

[jira] [Updated] (INFRA-7579) Self-signed cert for SMTPS on people.apache.org has wrong CN

     [ https://issues.apache.org/jira/browse/INFRA-7579?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Nalley updated INFRA-7579:
--------------------------------

    Assignee: Joe Schaefer

> Self-signed cert for SMTPS on people.apache.org has wrong CN
> ------------------------------------------------------------
>
>                 Key: INFRA-7579
>                 URL: https://issues.apache.org/jira/browse/INFRA-7579
>             Project: Infrastructure
>          Issue Type: Bug
>            Reporter: Shawn Heisey
>            Assignee: Joe Schaefer
>             Fix For: Apr 2013
>
>
> The self-signed certificate on people.apache.org:465 (SMTP/SSL) says that it's for mail.apache.org ... except that mail.apache.org is a completely different machine that's not listening on port 465 or 587.
> Chances are that I can accept this certificate without fear, but I'm only going to do so on a temporary basis, and only if INFRA provides a fingerprint and says it's OK to accept a cert with that fingerprint.
> I believe that the certificate should reflect the actual name that gets used to connect to the machine.  Only then will I feel comfortable with a permanent security exception.



--
This message was sent by Atlassian JIRA
(v6.2#6252)