[wp-meta] [Making WordPress.org] #611: Add ^wordpress.org SSL cert for clients that do not support subject alt names
noreply at wordpress.org
Thu Sep 18 17:00:41 UTC 2014
#611: Add ^wordpress.org SSL cert for clients that do not support subject alt
Reporter: BrianLayman | Owner:
Type: defect | Status: new
Priority: low | Component: SSL
Summary: Some clients, specifically older releases of wget, do not support
alternative DNS names in certificates. A recent change to wordpress.org
forcing https may cause Linux scripts to throw errors.
I've got scripts that forcibly maintain clean WP installs by going out and
grabbing http://wordpress.org/latest.zip and installing it.
Within the last couple days the wordpress.org site changed to redirect
that request to https://wordpress.org/latest.zip.
The certificate on wordpress.org is explicitly for *.wordpress.org, but
does have an alternative name for wordpress.org.
So this is what I get on my script runs today:
--2014-09-18 08:55:38-- http://wordpress.org/latest.zip
Resolving wordpress.org... 220.127.116.11, 18.104.22.168
Connecting to wordpress.org|22.214.171.124|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://wordpress.org/latest.zip [following]
--2014-09-18 08:55:38-- https://wordpress.org/latest.zip
Connecting to wordpress.org|126.96.36.199|:443... connected.
ERROR: certificate common name `*.wordpress.org' doesn't match requested
host name `wordpress.org'.
To connect to wordpress.org insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.
unzip: cannot find or open latest.zip, latest.zip.zip or latest.zip.ZIP
The source of the issue for me is that I have "GNU Wget 1.11.4 Red Hat
modified" or older on most of the servers I manage. The issue is fixed in
I'll update the wget on my servers, but thought this should still be
logged for informational purposes, if nothing else.
Thank you to Nacin on the assist in diagnosing the true issue at hand..
Ticket URL: <https://meta.trac.wordpress.org/ticket/611>
Making WordPress.org <https://meta.trac.wordpress.org/>
More information about the wp-meta