Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1610228

Summary: HSTS + bad cert = http://directory.fedoraproject.org/ inaccessible
Product: Red Hat Directory Server Reporter: Paul Harvey <pharvey>
Component: DocumentationAssignee: Marc Muehlfeld <mmuehlfe>
Status: CLOSED CANTFIX QA Contact: Viktor Ashirov <vashirov>
Severity: low Docs Contact:
Priority: unspecified    
Version: 11.0CC: nhosoi, nkinder, rhel-docs, rmeggins
Target Milestone: ---   
Target Release: ---   
Hardware: noarch   
OS: Other   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-07-31 10:08:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
screenshot of chrome 69 cert error/headers none

Description Paul Harvey 2018-07-31 09:13:19 UTC 
Created attachment 1471742 [details]
screenshot of chrome 69 cert error/headers

Document URL: http://directory.fedoraproject.org/

Section Number and Name: 

Describe the issue: From inside the Red Hat network, http://directory.fedoraproject.org/ works fine, but from the outside it bounces to https:// which has an invalid cert. It is not possible to visit directory.fedoraproject.org from the outside without a certificate error. In Google Chrome 69, the site is completely inaccessible unless about:config tweaks are made.

Suggestions for improvement: Fix the certificate (because "Non-Authoritative-Reason: HSTS" is set, see screenshot), and redirect to port389.org


Additional information: I think a lot of 389ds users are probably seeing this, http://port389.org isn't well known to google yet (not that https://port389.org has a valid cert either, but can visited without a cert error on http://).

This might not be be the best place to report this issue, but feel free to close and let me know where to report it :)

Document URL: 

Section Number and Name: 

Describe the issue: 

Suggestions for improvement: 

Additional information: