Ticket #195 (Fixed)Wed Dec 03 12:50:27 UTC 2008

We noticed this today ourselves. The Comodo e-mail messages were saying a 12th December expiry, which is what I expected based on the previous renewal. When originally renewed Comodo based the expiry on the renewal date, not the old expiry date plus one year, so we lost a couple of weeks; I complained and they reissued the certificate, but evidently, they didn’t reissue one with a new expiry date!

I’ve already bought a new certificate, this time from GoDaddy; silly name, but SSL certificates seem to be much the same from company to company and GoDaddy were much cheaper than Comodo.

UCC certificates to cover all of our domains are very much more expensive (a little over £100/year, roughly, versus about £18/year) so we don’t bother buying them. Automatic redirection to www.riscosopen.org from any other domain is a good idea and I’ll look into adding it to the server configuration. To keep track of this, I’ll leave the fault open but change its severity to “enhancement”.

Redirection implemented. For SSL, the redirection happens too late; if a browser tries to connect via HTTPS on a different domain, then the user will already have been warned about the mismatch, if their browser implements such things. Should they proceed, though, the user will be redirected to a corrected HTTPS domain which means that subsequent bookmarks etc. would all be correct.

For insecure HTTP connections, the redirection is far more useful and should eliminate security warnings for users coming in via other domains if they subsequently try to log in via Hub.

Thanks for the suggestion.