[wp-meta] [Making WordPress.org] #5917: TLS Certificates in alternative domains
Making WordPress.org
noreply at wordpress.org
Fri Sep 24 11:13:02 UTC 2021
#5917: TLS Certificates in alternative domains
---------------------------+--------------------
Reporter: JavierCasares | Owner: (none)
Type: defect | Status: new
Priority: high | Milestone:
Component: SSL | Keywords:
---------------------------+--------------------
I was accessing wp.org and found an alert in my browser (Firefox) about
the certificate mismatch.
Thereafter, checking the certificates, I found this:
**wordpress.org**
Common names: *.wordpress.org
Alternative names: *.wordpress.org wordpress.org
Everything looks good, although...
This server supports TLS 1.0 and TLS 1.1. We should think about changing
that.
Also, using some weak Cipher Suites.
https://www.ssllabs.com/ssltest/analyze.html?d=wordpress.org&hideResults=on
**w.org**
Common names: *.w.org
Alternative names: *.w.org w.org
Same about TLS 1.0 and TLS 1.1. Also, using some weak Cipher Suites.
https://www.ssllabs.com/ssltest/analyze.html?d=w.org&hideResults=on
**wp.org**
Common names: *.wordpress.org
Alternative names: *.wordpress.org wordpress.org MISMATCH
Seems that this domain is not using the appropriate certificate.
https://www.ssllabs.com/ssltest/analyze.html?d=wp.org&hideResults=on
Please, check that :)
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/5917>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list