https everywhere update - dlang.org gets an "A" now!
Kapps via Digitalmars-d-announce
digitalmars-d-announce at puremagic.com
Mon Dec 7 06:48:52 PST 2015
On Monday, 7 December 2015 at 14:38:39 UTC, Steven Schveighoffer
wrote:
> On 12/6/15 11:32 AM, Marc Schütz wrote:
>> On Sunday, 6 December 2015 at 14:17:18 UTC, Steven
>> Schveighoffer wrote:
>>> On 12/6/15 3:29 AM, Adil Baig via Digitalmars-d-announce
>>> wrote:
>>>> +1 Same error. This part may help :
>>>>
>>>> This server could not prove that it is *www.dlang.org
>>>> <http://www.dlang.org>*; its security certificate is
>>>> from*dlang.org
>>>> <http://dlang.org>*
>>>> *
>>>> *
>>>> You will need a wild-card certificate (cheaper) or a
>>>> certificate that
>>>> allows multiple domain names (more expensive, and probably
>>>> not required)
>>>> for the cert to work.
>>>>
>>>
>>> Or redirect www.dlang.org to dlang.org
>>
>> That won't help if someone already starts at
>> https://www.dlang.org/ .
>
> I'm surprised it wouldn't. I wouldn't think a redirect would
> need to be encrypted.
>
> -Steve
It does. Otherwise you could bypass HTTPS entirely by replacing
the redirect page with a non-encrypted copy of the dlang website
with whatever modifications you like.
More information about the Digitalmars-d-announce
mailing list