[OpenID] OpenID and HTTPS

Eric Norman ejnorman at doit.wisc.edu
Fri Feb 9 01:07:42 UTC 2007


On Feb 8, 2007, at 5:43 PM, Thomas Huhn wrote:

> First of all: protectnetwork.org was missing in the section "OpenID 
> Providers" - I´ve changed this :).

Yesterday, I wanted to log on so that I could add something to
the wiki.  I have an OpenID URL at protectnetwork.  And being
a security conscious bloke, by habit I typed it in as

    https://ejnorman.protectnetwork.org

All I got was an error that said something about invalid
OpenID URL.  I'm sorry I can't quote it here.  I was eventually
able to log in using just http instead.

My hunch is that this happened because the SSL certificate
for protectnetwork says it's idp.protectnetwork.org and
that doesn't match the DNS name I supplied (ejnorman...).

Did I guess right and a complaint should be aimed at
protectnetwork, or is this some other OpenID problem?

Eric Norman






More information about the general mailing list