[Swan] Intermittent download.libreswan.org certificate hostname mismatch
Tuomo Soini
tis at foobar.fi
Sun Apr 23 07:29:08 UTC 2017
On Sat, 22 Apr 2017 13:35:09 -0400
Daniel McCarney <daniel at binaryparadox.net> wrote:
> Hi there,
>
> I've noticed that approximately 50% of requests to
> `https://download.libreswan.org` that do not send a TLS Server Name
> Indication (SNI) value will fail with a hostname mismatch error. My
> extremely robust & scientific process (lol) involved 20 requests with
> `openssl s_client` with the results here:
Exactly, you nees SNI capability on your client. If you have problems
with certain client I suggest updating your client software.
> Is there a better place to report this bug?
https://bugs.libreswan.org/ would be correct place for bug reports.
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
More information about the Swan
mailing list