Bug 414291

Summary: https://valgrind.org has an invalid certificate
Product: [Developer tools] valgrind Reporter: Per Mildner <Per.Mildner>
Component: generalAssignee: Julian Seward <jseward>
Status: RESOLVED FIXED    
Severity: normal CC: tom
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:
Attachments: Firefox warning and information

Description Per Mildner 2019-11-19 10:05:59 UTC 
Created attachment 124008 [details]
Firefox warning and information

The certificate for https://valgrind.org is for another site, so browesers (Firefox, Chrome) refuse to enter.
Comment 1 Tom Hughes 2019-11-19 10:09:46 UTC 
Where did you see that URL advertised?
Comment 2 Julian Seward 2019-11-19 10:55:05 UTC 
It should be fixed now.  Per, can you try again?
Comment 3 Per Mildner 2019-11-19 11:02:00 UTC 
It works now. Thanks.

(I did not see that URL advertised but I use https for everything, if at all possible.)
Comment 4 Tom Hughes 2019-11-19 11:47:15 UTC 
Well that is what I suspect and was kind of my point - it is not valid to assume that you can just replace http with https.

When a site has not been https enabled and you try that you are going to get an error, whether a mismatch like this because you get a certificate for a different site on the same machine or a self signed certificate or just a connection failure.

It's fixed now anyway, and valgrind.org is improved by being https enabled which is a good outcome.
Comment 5 Per Mildner 2019-11-19 11:53:19 UTC 
It is indeed a good outcome. Plain http is obsolete and Google Chrome, for instance, shows such sites as "Not Secure", which is not a good first impression.

So, perhaps the https version of the URL should be what is advertised henceforth?