Hi Tom -
From: tom petch <daedulus(_at_)btconnect(_dot_)com>
Date: May 21, 2015 12:52:43 PM EDT
To: <ietf(_at_)ietf(_dot_)org>
Subject: Certificate mismatch
Running on a backup computer, I get a certificate mismatch message when I
try to access the datatracker using
the link from the IESG page and a warning that I really should not
proceed to this dangerous website.
Indeed, the website is datatracker.ietf.org and the certificate *.iab.org
Has something changed, or is this just a configuration quirk (Internet
Explorer) on my backup system?
Tom Petch
Hi Tom -
Sorry for the trouble you're having...
As Yoav implies, this is mostly an SNI error - your version of IE is likely
too old to support this. (His comment about XP made me laugh - ahh, the
"good old days," yeah?)
However, given that the IETF website is much more widely-used than the IAB
website, I've gone ahead and re-sequenced the server configuration files so
that, absent an SNI token, the "*.ietf.org" certificate (and website) will
be offered "by default." This won't get you into the datatracker, of
course, but it will make the warnings stop and at least let you view the
IETF main website.
Also just as a reminder, we have a help address,
"ietf-action(_at_)ietf(_dot_)org", to
which you can (also) direct questions like this. You'll likely get a
faster response by reaching out to us directly, than you would waiting for
someone on the IETF list to "notice" the question and forward it to us (as
happened in this case.)
In the meantime, I strongly suggest an upgrade to Windows Vista. I believe
its version of IE supported SNI... :-D
http://stackoverflow.com/questions/18495123/ie-on-xp-does-not-support-sni-to-permit-multiple-certificates-for-single-server
Regards,
Glen
Glen Barney
IT Director
AMS (IETF Secretariat)