[Bug 794742] New: novell/attachmate infrastructure ssl certificate woes

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c0

           Summary: novell/attachmate infrastructure ssl certificate woes
    Classification: openSUSE
           Product: openSUSE 12.2
           Version: RC 2
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Major
          Priority: P5 - None
         Component: Other
        AssignedTo: bnc-team-screening@forge.provo.novell.com
        ReportedBy: abittner@abittner.de
         QAContact: qa-bugs@suse.de
          Found By: ---
           Blocker: ---

User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11

don't know exactly where to report, but googlechrome browser complains heavily about some non-matching hostnames and certificates for ssl when for example logging out of bugreporting here

the desired address in the browser location field is
https://esp.novell.com/AGLogout

but the ssl certificates are assigned for *.attachmate.... whatever

so googlechrome doesn't execute the url and the logout.

Reproducible: Always

Steps to Reproduce:
1.
2.
3.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c1

Jiaying ren <jren@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |jren@suse.com
         Resolution|                            |FIXED

--- Comment #1 from Jiaying ren <jren@suse.com> 2012-12-19 09:12:33 UTC ---
(In reply to comment #0)
> User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
> don't know exactly where to report, but googlechrome browser complains heavily about some non-matching hostnames and certificates for ssl when for example logging out of bugreporting here

Please check your ca-certificates package version by:
rpm -qa | grep ca-certificates
If you've edited them before, try to reinstall it. If you still had this problem, please reopen this report, thx. :-)

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c2

andreas bittner <abittner@abittner.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |

--- Comment #2 from andreas bittner <abittner@abittner.de> 2012-12-19 09:44:18 UTC ---
what do you mean? I am just checking it again, I am accessing bugzilla.novell.com via a windows machine with google chrome as an example. there is no use checking any packages on whatever linux machine in this scenario :)

so I accessed the https://bugzilla.novell.com/show_bug.cgi?id=794742 link from my mail, that comes up with the browser (e.g. googlechrome) and allows me to log in, the login link in the html generated by the bugzilla.novell.com webserver was pointing to some attachmategroup address, with https certificate matching for the login process that was okay.

but now that I am here writing this bugreport reply, the page displays at the top a logout link

that link in html points to:
https://esp.novell.com/AGLogout

and when I click that, my googlechrome browser still/again complains, as the URL is not matching with the certificate represented. the certificate is probably still for attachmate, but the bugzilla rendered html output points me to esp.novell.com

that's what I am reporting about

hope you understand

please forward to some webserver administrator or infrastructure people at novell, attachmate or however your companies work and consist of at the moment.

regards.

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c3

--- Comment #3 from andreas bittner <abittner@abittner.de> 2012-12-19 09:49:16 UTC ---
I just re-verified it again:

when surfing anonymously to bugzilla.novell (not logged in) the login link is in html
https://bugzilla.novell.com/show_bug.cgi?GoAheadAndLogIn=1&id=794742

that redirects me to (with googlechrome browser)
https://login.attachmategroup.com/nidp/idff/sso?id=5&sid=0&option=credential...

that certificate for that URL/address/server is fine, googlechrome doesn't complain about it. it's for *.attachmategroup.com

so I login there with my credentials and I land at first here
https://login.attachmategroup.com/nidp/idff/sso?sid=0

then it forwards me via redirect to
https://bugzilla.novell.com/show_bug.cgi?GoAheadAndLogIn=1&id=794742

and certificate for this last address is *.novell.com

so now there on this page (where I also write this reply) there is in the top-bar a link called "Log out", and right next to it my username/mailaddress

I click that (html reads: https://esp.novell.com/AGLogout)

and then there is the googlechrome complaining about certificate mismatch and potential attack etc....

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c4

--- Comment #4 from Jiaying ren <jren@suse.com> 2012-12-19 10:47:17 UTC ---
(In reply to comment #3)
> and then there is the googlechrome complaining about certificate mismatch and potential attack etc....

Hi~Andreas. The issue you mentioned can't be reproduced by my host. But I'll forward this for my colleague. Thank you for your report.

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c5

Jiaying ren <jren@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |NEEDINFO
       InfoProvider|                            |abittner@abittner.de

--- Comment #5 from Jiaying ren <jren@suse.com> 2012-12-20 11:12:14 UTC ---
(In reply to comment #2)
> what do you mean? I am just checking it again, I am accessing bugzilla.novell.com via a windows machine with google chrome as an example. there is no use checking any packages on whatever linux machine in this scenario :)
> so I accessed the https://bugzilla.novell.com/show_bug.cgi?id=794742 link from my mail, that comes up with the browser (e.g. googlechrome) and allows me to log in, the login link in the html generated by the bugzilla.novell.com webserver was pointing to some attachmategroup address, with https certificate matching for the login process that was okay.

Hi~Andreas. Does this happen only with chrome? Would you do me a favor to have a try on firefox?

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c6

andreas bittner <abittner@abittner.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |REOPENED
       InfoProvider|abittner@abittner.de        |

--- Comment #6 from andreas bittner <abittner@abittner.de> 2012-12-20 11:32:25 UTC ---
I think there are multiple sides to this stuff, and one very simple aspect is, that single logout URL

I have just tried with Firefox on a completely different Network, just by visiting that Address

https://esp.novell.com/AGLogout

and it also complains about bad certificate

So there is no way other than your dns/ip/networks/filters maybe within the company network or some rules give you a different ip/address/redirect than us external users.

then there might be a second issue inside bugzilla maybe depending on useraccounts and usergroups visiting bugzilla, maybe you novell/attachmate/suse folks get a differently rendered bugzilla output with other links, internal server addresses or whatever else..

you can simply tell me what certificate gets displayed in your firefox, chrome, opera or even internetexplorer or whatever else when you visit that https://esp.novell.com/AGLogout address in a fresh browser, in an anonymous browser session, and so on.

you can debug it all yourself and will most likely see the problem yourself.

at all my networks and machines I have the following results:

host esp.novell.com
esp.novell.com has address 130.57.66.3

when I visit that e.g. by wget or curl or something

C:\>wget -vS https://esp.novell.com/AGLogout -O NULL
--2012-12-20 12:29:22-- https://esp.novell.com/AGLogout
Resolving esp.novell.com... 130.57.66.3
Connecting to esp.novell.com|130.57.66.3|:443... connected.
ERROR: cannot verify esp.novell.com's certificate, issued by `/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3':
  Unable to locally verify the issuer's authority.
ERROR: certificate common name `*.attachmategroup.com' doesn't match requested host name `esp.novell.com'.
To connect to esp.novell.com insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.

in contrast to that "debugging" the https://bugzilla.novell.com address gives a different result, NOT complaining about hostname mismatch

C:\>wget -vS https://bugzilla.novell.com -O NULL
--2012-12-20 12:29:57-- https://bugzilla.novell.com/
Resolving bugzilla.novell.com... 130.57.66.9
Connecting to bugzilla.novell.com|130.57.66.9|:443... connected.
ERROR: cannot verify bugzilla.novell.com's certificate, issued by `/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3':
  Self-signed certificate encountered.
To connect to bugzilla.novell.com insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.

disregard the certificate/selfsigned warnings here, as my wget on windows isn't set up to know about certificates and certificate authorities etc...

so there is clearly some hostname<->certificate mismatch here on the esp.novell.com when doing SSL/TLS with it. and that's the logout URL that gets rendered by the bugzilla pages at novell at least when I use my bugzilla account.

very simple.
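The name comparison behind the wget error in comment #6, as an added example that is not part of the original thread: a certificate DNS name covers a host only if every label matches, with `*` standing for exactly one left-most label. The function names and the ENDPOINTS table are this example's own; the host and certificate names in it are the ones reported in comments #3 and #6.

```python
"""Host name vs. certificate name matching (wildcard rules as in RFC 6125)."""

# Constructed from the thread: host the client requested -> DNS names on
# the certificate that host presented (comments #3 and #6).
ENDPOINTS = {
    "login.attachmategroup.com": ["*.attachmategroup.com"],
    "bugzilla.novell.com": ["*.novell.com"],
    "esp.novell.com": ["*.attachmategroup.com"],
}


def name_matches(pattern: str, host: str) -> bool:
    """Return True if one certificate DNS name covers the requested host."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    # "*" stands for exactly one label, so the label counts must agree.
    if len(p) != len(h) or "" in h:
        return False
    # A wildcard is honoured only as the whole left-most label.
    if any("*" in label for label in p[1:]):
        return False
    if p[1:] != h[1:]:
        return False
    if p[0] == "*":
        # Refuse overly broad patterns such as "*.com".
        return len(p) >= 3
    return "*" not in p[0] and p[0] == h[0]


def cert_covers(host: str, cert_names: list) -> bool:
    """A certificate is valid for a host if any of its names matches."""
    return any(name_matches(name, host) for name in cert_names)


def mismatches(endpoints: dict) -> list:
    """List (host, presented names) pairs a TLS client would reject."""
    return [(host, names) for host, names in endpoints.items()
            if not cert_covers(host, names)]


if __name__ == "__main__":
    for host, names in mismatches(ENDPOINTS):
        print(f"{host}: certificate is for {', '.join(names)}")
```

Run over every host a rendered page links to, the same check flags a link such as the logout URL before a user's browser does.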

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c7

--- Comment #7 from andreas bittner <abittner@abittner.de> 2012-12-20 11:50:59 UTC ---
https://www.ssllabs.com/ssltest/analyze.html?d=esp.novell.com

compare it to

https://www.ssllabs.com/ssltest/analyze.html?d=bugzilla.novell.com

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c

Marcus Rückert <mrueckert@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mrueckert@suse.com
         AssignedTo|bnc-team-screening@forge.pr |mehle@novell.com
                   |ovo.novell.com              |

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c8

Matthew Ehle <mehle@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|mehle@novell.com            |rywilson@novell.com

--- Comment #8 from Matthew Ehle <mehle@novell.com> 2012-12-26 17:51:21 UTC ---
The single logout URL is incorrect. This needs to go to Ryan. He is already aware of the issue.

https://bugzilla.novell.com/show_bug.cgi?id=794742

https://bugzilla.novell.com/show_bug.cgi?id=794742#c9

Ryan Wilson <rywilson@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #9 from Ryan Wilson <rywilson@novell.com> 2013-01-02 16:40:36 UTC ---
Necessary logout URL change has been made.