search

h2oai / h2o-3

H2O is an Open Source, Distributed, Fast & Scalable Machine Learning Platform: Deep Learning, Gradient Boosting (GBM) & XGBoost, Random Forest, Generalized Linear Modeling (GLM with Elastic Net), K-Means, PCA, Generalized Additive Models (GAM), RuleFit, Support Vector Machine (SVM), Stacked Ensembles, Automatic Machine Learning (AutoML), etc.
http://h2o.ai
Apache License 2.0
6.9k stars 2k forks source link

Incorrect SSL cert (and DNS?) for h2o.ai website #10073

Open exalate-issue-sync[bot] opened 1 year ago

exalate-issue-sync[bot] commented 1 year ago

https://h2o.ai/ hangs (both Firefox and Chrome). https://www.h2o.ai/ comes up with an error in both Firefox and Chrome.

Chrome says: "Your connection is not private Attackers might be trying to steal your information from www.h2o.ai (for example, passwords, messages, or credit cards)."

Firefox says: "The owner of www.h2o.ai has configured their web site improperly. To protect your information from being stolen, Firefox has not connected to this web site."

The problem is a bad SSL certification has been installed: The certificate is only valid for the following names: *.herokuapp.com, herokuapp.com

With https://letsencrypt.org/ and others offering free SSL certs there is really no excuse not to be offering it. (But I've flagged this as improvement, not bug, in case you have a good reason not to allow https - in that case the existing SSL cert should be uninstalled and unconfigured.)

BTW, for the https://h2o.ai/ you want to configure DNS to redirect to https://www.h2o.ai, as the canonical URL. (This redirect works for http, so you may already have DNS configured?)

h2o-ops commented 1 year ago

JIRA Issue Migration Info

Jira Issue: PUBDEV-3150 Assignee: New H2O Bugs Reporter: Darren Cook State: Open Fix Version: N/A Attachments: N/A Development PRs: N/A