| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Martín Marqués <martin(at)2ndquadrant(dot)com>, pgsql-www(at)postgresql(dot)org |
| Subject: | Re: certificate issue between download and ftp |
| Date: | 2018-06-21 15:08:44 |
| Message-ID: | 9194.1529593724@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> While ftp.postgresql.org is the common name on the certificate,
> download.postgresql.org is listed as a Subject Alternative Name and
> therefore should be accepted. I certainly don't have any issue here
> using a recent Ubuntu version.
FWIW, the given case works for me with RHEL6's wget (wget-1.12-10.el6),
but I see this entry in the changelog for that package:
* Fri Jan 31 2014 Tomas Hozza <thozza(at)redhat(dot)com> 1.12-2
- Fix wget to recognize certificates with alternative names (#736445)
which likely was a back-patch from upstream 1.13 or later. It's
reasonable to suspect that there are still wget's in the wild with this
bug. How much of a PITA would it be to avoid use of alternative names
for the download servers?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martin Marques | 2018-06-21 15:14:26 | Re: certificate issue between download and ftp |
| Previous Message | Martin Marques | 2018-06-21 15:01:45 | Re: certificate issue between download and ftp |