Platformio.org has invalid SSL certificate

bluejedi · November 29, 2017, 10:43am

When trying to access platformio.org over https (https://platformio.org) I get a warning that is has an invalid SSL certificate. That’s not good.

ivankravets · November 29, 2017, 7:26pm

See

github.com/platformio/platformio-core

No HTTPS for platformio.org

opened 02:26PM - 09 May 17 UTC

closed 01:53PM - 12 Feb 18 UTC

nopdotcom

enhancement

What kind of issue is this? https://platformio.org website. --------------…---------------------------------------------------- ### Configuration Ubuntu 16.04.2, OS X 10.11.6, and I stopped trying platforms after that. **PlatformIO Version** (`platformio --version`): Not relevant. ### Description of problem I want to visit https://platformio.org. I expected it to work like http://platformio.org, except with a padlock. What I got instead is “This certificate is not valid, because it is for pioplus.com.” #### Steps to Reproduce `wget` is less sexy than browser padlocks, but it is reproducible nearly everywhere. ``` $ wget -d https://platformio.org ``` ### Actual Results [noise snipped; you can run wget yourself :–)] ``` DEBUG output created by Wget 1.17.1 on linux-gnu. --2017-05-09 10:23:08-- https://platformio.org/ Resolving platformio.org (platformio.org)... 193.222.52.25 Initiating SSL handshake. certificate: subject: CN=pioplus.com issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US ERROR: no certificate subject alternative name matches requested host name ‘platformio.org’. ``` ### Expected Results ``` $ wget https://www.nop.com --2017-05-09 10:19:01-- https://www.nop.com/ Resolving www.nop.com (www.nop.com)... 72.14.177.231 Connecting to www.nop.com (www.nop.com)|72.14.177.231|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 2890 (2.8K) [text/html] Saving to: ‘index.html.1’ ``` [...] ### Additional info I think you just need a better letsencrypt setup. Send me mail at `nop@nop.com` if you’d like me to peer at it.

bluejedi · December 5, 2017, 2:58pm

Thanks for your response.

On above link on GitHub I can see that HTTPS support is labeled as ‘enhancement’.

That appears like a serious understatement though. From security perspective TLS(SSL)/HTTPS support is a badly needed requirement.
What is the current status of implementing HTTPS/TLS support?

ivankravets · December 5, 2017, 4:19pm

All our services work via HTTPS (API, package storage). The only web-site (hosted on GitHub) work via HTTP. We will move it soon to our server.