[#9259] - "Add Install from Web tab" not working
- Closed
- 2 Mar 2016
- Urgent
- Build: master
- # 9259
Steps to reproduce the issue
Make a fresh install of Joomla 3.5 beta3, go to Extensions > Manage and click on "Add Install from Web tab" button
Expected result
Installation successful and Tab Install fron Web appears
Actual result
Installation not successful and these erros appears:
Warning
Update: :Extension: Could not open https://appscdn.joomla.org/webapps/jedapps/webinstaller.xml
Error connecting to the server: SSL certificate problem: unable to get local issuer certificate
Error
Invalid URL
Unable to find install package
System information (as much as possible)
Tested in localhost, php version 5.4.25 and also on a live site
Additional comments
Votes
That's sounds like your localhost doesn't have SSL correctly set up.
Since the URL for the webinstaller now is a https address, this fails.
snap but slightly different - and there is NO way to setup SSL on a localhost that I know of
Update: :Extension: Could not open https://appscdn.joomla.org/webapps/jedapps/webinstaller.xml
Error connecting to the server: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
SSL Labs test. could this be the problem?
See https://www.ssllabs.com/ssltest/analyze.html?d=appscdn.joomla.org&hideResults=on
@Bakual i'm not using localhost. this happens using a CentOS 7 production server
It is nothing to do with localhost!!! This screenshot is from siteground servers
| Priority | Medium | ⇒ | Urgent |
| Status | New | ⇒ | Confirmed |
| Labels |
Added:
?
|
||
| Labels | |||
just for info, on the same server ...
openssl connection to joomla.org -> All ok
# openssl s_client -connect joomla.org:443 -servername joomla.org
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = GeoTrust Inc., CN = RapidSSL SHA256 CA - G3
verify return:1
depth=0 OU = GT76358277, OU = See www.rapidssl.com/resources/cps (c)14, OU = Domain Control Validated - RapidSSL(R), CN = *.joomla.org
verify return:1
---
Certificate chain
0 s:/OU=GT76358277/OU=See www.rapidssl.com/resources/cps (c)14/OU=Domain Control Validated - RapidSSL(R)/CN=*.joomla.org
i:/C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA - G3
1 s:/C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA - G3
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
// [...] omitted for brevity.
Verify return code: 0 (ok)
---openssl connection to appscdn.joomla.org -> Error
# openssl s_client -connect appscdn.joomla.org:443 -servername appscdn.joomla.org
CONNECTED(00000003)
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=appscdn.joomla.org
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
1 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
3 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
4 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=EssentialSSL CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
---
// [...] omitted for brevity.
Verify return code: 21 (unable to verify the first certificate)
---
Anything attached to a CDN uses a different certificate from the joomla.org wildcard certificate (so in theory you should get something similar for extensionscdn.joomla.org, update.joomla.org, or even cdn.joomla.org. Or it'd be interesting to know if it's just the appscdn certificate now.
The 3 you mentioned are all good.
extensionscdn.joomla.org
# openssl s_client -connect extensionscdn.joomla.org:443 -servername extensionscdn.joomla.org
CONNECTED(00000003)
depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
verify return:1
depth=2 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
verify return:1
depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2
verify return:1
depth=0 OU = Domain Control Validated, CN = *.netdna-ssl.com
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.netdna-ssl.com
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
2 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
3 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
---
// [...] omitted for brevity.
Verify return code: 0 (ok)
---update.joomla.org
# openssl s_client -connect update.joomla.org:443 -servername update.joomla.org
CONNECTED(00000003)
depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
verify return:1
depth=2 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
verify return:1
depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2
verify return:1
depth=0 OU = Domain Control Validated, CN = *.netdna-ssl.com
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.netdna-ssl.com
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
2 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
3 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
---
// [...] omitted for brevity.
Verify return code: 0 (ok)
---cdn.joomla.org
# openssl s_client -connect cdn.joomla.org:443 -servername cdn.joomla.org
CONNECTED(00000003)
depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
verify return:1
depth=2 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
verify return:1
depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2
verify return:1
depth=0 OU = Domain Control Validated, CN = *.netdna-ssl.com
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.netdna-ssl.com
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
2 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
3 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
---
// [...] omitted for brevity.
Verify return code: 0 (ok)
---
No extensionscdn.joomla.org is broken as well
https://www.sslshopper.com/ssl-checker.html#hostname=extensionscdn.joomla.org
yes you're right. i can connected from my server (as demonstrated above), but some may not.
https://www.ssllabs.com/ssltest/analyze.html?d=extensionscdn.joomla.org&hideResults=on&latest
You can check the others here:
Same problem when trying to update a 3.4.8 for testing to 3.5.0 Beta 3 using the Joomla! Update Component with update path = "testing": Same error, the XML could not be opened.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9259.
I have had same problem yesterday morning during an update process from Joomla 3.4.7 to Joomla 3.4.8. Joomla can't read XML file (update STS), but if i open this https url with browser i can read it without problems. We have OVH servers.
We have contacted Rochen and this should be fixed now! Please can you guys test :)
Install from web works well now here on a fresh updated 3.5.0 Beta 3 + recent PRs for other stuff, this error message as shown above is not shown anymore. Could replicate the error yesterday so it seems to be solved now for the webinstaller.
But when I wanted to update thr 3.4.8. to Beta 3 by switching update channel to testing, I saw same kind of message, that the xml file could not be loaded. Is this a similar issue or related, or something different?
for appscdn.joomla.org
install web: OK
ssl labs test: OK (just incorrect order now)
https://www.ssllabs.com/ssltest/analyze.html?d=appscdn.joomla.org&hideResults=on&latest
Test with openssl: OK
# openssl s_client -connect appscdn.joomla.org:443 -servername appscdn.joomla.org
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=appscdn.joomla.org
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
---
Verify return code: 0 (ok)
---
for update.joomla.org
ssl labs test: OK (only sha-1 chain issues now)
https://www.ssllabs.com/ssltest/analyze.html?d=update.joomla.org&hideResults=on&latest
Test with openssl: OK
# openssl s_client -connect update.joomla.org:443 -servername update.joomla.org
CONNECTED(00000003)
depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
verify return:1
depth=2 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
verify return:1
depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Aut hority - G2
verify return:1
depth=0 OU = Domain Control Validated, CN = *.netdna-ssl.com
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.netdna-ssl.com
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
2 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
3 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
---
Verify return code: 0 (ok)
---
Hmm then maybe for me for update.joomla.org was a cached bad cert somewhere on the server, and I just have to wait a bit?
Maybe - but Rochen notified us 2 hours ago :/ I just only picked up on the message from marijke (who kindly submitted the ticket to them) on glip
this issue itself (i mean the appscdn.joomla.org server(s) ssl configuration) is solved IMHO with the Rochen change.
| Status | Confirmed | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-03-02 00:19:17 |
| Closed_By | ⇒ | wilsonge |
OK Richard can you give it 24 hours and try again please? If it doesn't work just create a fresh issue - it's not too much effort to submit another ticket to Rochen (and it's not something we can solve in the 3.5 release process anyhow).
| Labels |
Removed:
?
|
||
Sure, I'll keep it on my list.
Thanks!
Umm I'm not sure but based on what @mbabker said the extensions cdn and the update cdn should use the same cert (unless he meant those 2 use different certs....)
Negative. Every CDN endpoint in *.joomla.org uses a certificate specific to that subdomain. This includes appscdn, cdn, downloadscdn, extensionscdn, and update. Everything else except for the Jenkins server (because I've not had the server & app configured for SSL operations) uses (or has available in the case of every property that still fails to function correctly on or enforce HTTPS) the wildcard *.joomla.org certificate.
Then the cert for update is maybe not OK still?
I think the ticket that was logged only resolved the appscdn specifically based on the original reports.
Hi I am having exact same issue has
@andrepereiradasilva on 1 Mar 2016 (I see same screen shot) - this is not local host
as of today 26 May 2016
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9259.
Sorry, text slight different
Warning
Update: :Extension: Could not open https://appscdn.joomla.org/webapps/jedapps/webinstaller.xml
Error connecting to the server: SSL certificate problem: certificate has expired
Error
Invalid URL
Unable to find install package
I can open this page https://appscdn.joomla.org/webapps/jedapps/webinstaller.xml no problems...
Joomla 3.5.1 - upgraded from 1.5 > to 2.5 > to 3.5.1
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9259.
I have asked Rochen to take a look at this.
Test: https://www.ssllabs.com/ssltest/analyze.html?d=appscdn.joomla.org&hideResults=on
"This site works only in browsers with SNI support."
Probably it's the lack of support for servers that don't support SNI again, but this time for appscdn.joomla.org domain and the default server certificate expired.
Test with SNI
# openssl s_client -connect appscdn.joomla.org:443 -servername appscdn.joomla.org
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=appscdn.joomla.org
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
---
Verify return code: 0 (ok)
---Test without SNI (notice it fallback to other certificate)
# openssl s_client -connect appscdn.joomla.org:443
CONNECTED(00000003)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - G2
verify return:1
depth=0 C = FR, ST = Alpes Maritimes, L = Grasse, OU = IT, O = DYNADMIC, CN = bko.dynadmic.com
verify error:num=10:certificate has expired
notAfter=May 23 13:05:03 2015 GMT
verify return:1
depth=0 C = FR, ST = Alpes Maritimes, L = Grasse, OU = IT, O = DYNADMIC, CN = bko.dynadmic.com
notAfter=May 23 13:05:03 2015 GMT
verify return:1
---
Certificate chain
0 s:/C=FR/ST=Alpes Maritimes/L=Grasse/OU=IT/O=DYNADMIC/CN=bko.dynadmic.com
i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2
1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
---
Verify return code: 10 (certificate has expired)
---
Still same issue on brand new - default joomla 3.5.1 - different server as first site
I can open the xml. on web, but does not want to install "install from web"
FYI
Warning
Update: :Extension: Could not open https://appscdn.joomla.org/webapps/jedapps/webinstaller.xml
Error connecting to the server: SSL certificate problem: certificate has expired
Error
Invalid URL
Unable to find install package
@andrepereiradasilva Apologies, the answer was there already but it fell off the radar. This is their answer:
The server is reporting the certificate is fine. As for only supporting browsers with SNI support, that is true for pretty much all common SSL's now a days. The only browsers that do not support SSL are browsers that are no longer supported by their respective operating systems.
I guess we need to make them aware of your check without SNI, I have mentioned your non-SNI check results.
yeah it seems appscdn.joomla.org domain in normally used only by browsers. but i guess in the process of installing the install from web plugin the url it's fetched by the server hosting joomla, not by the browser.
In that case is the server that has to support SNI and so we have the same problem that we had before with the update.joomla.org (see #9281 (comment)).
In conclusion, it seems for this to work across multiple systems, the appscdn.joomla.org needs a dedicated IP to.
I am using firefox, I have not tried with other browser.... Are you FF is not supporting SNI?
PS Can this be reopened? It is not solved....
If anything a new issue should be logged. What was fixed 3 months ago may
or may not have any relation at all to the fact it isn't working today.
Same error message doesn't mean same issue.
On Sunday, June 5, 2016, trustyrusty notifications@github.com wrote:
PS Can this be reopened? It is not solved....
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#9259 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AAWfof7iT2r8XjrLCQQjdmpz38VgcSspks5qI1c3gaJpZM4Hlptz
.
Since we don't have a new issue, I am going to post the answer here:
Thank you for the update. I have investigated this issue and found that the problem was due to an issue at MaxCDN. I reached out to MaxCDN and had them place appscdn.joomla.org on a new IP address, so SNI support is no longer required to generate a valid HTTPS connection to that subdomain.
Could you check and confirm this has resolved the issue?
Test with SNI
# openssl s_client -connect appscdn.joomla.org:443 -servername appscdn.joomla.org
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=appscdn.joomla.org
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
---
Verify return code: 0 (ok)
---Test without SNI
# openssl s_client -connect appscdn.joomla.org:443
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = EssentialSSL, CN = appscdn.joomla.org
verify return:1
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=EssentialSSL/CN=appscdn.joomla.org
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
---
Verify return code: 0 (ok)
---So it seems all
Also https://www.ssllabs.com/ssltest/analyze.html?d=appscdn.joomla.org&hideResults=on
Returns
No SNI notice so all ok
Thanks. Now let's keep this issue closed :)
Sorry To open it again, but I'm having the same issue, and I'm not an expert, so I read everything here, but I still don't know how to solve it. I'm using freehostia, could the problem be with them?
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9259.
very probable is a problem with your host. Contact them.
I think so. WordPress had problems as well, so now I'm trying Drupal, and it works perfectly. So I guess I'm gonna be a Drupal guy now... It looks awesome, not so difficult as they say, and more possibilities. So I'm sold to Drupal.
Thanks for the quick response!
I'm going to lock this issue. If anyone else has this issue in the future please open a new tracker item. Thanks
i can reproduce this issue described