ERROR: Fetching the page failed because other errors


#1

My previous topic was closed without being solved.

When trying to validate cards at https://sv-issa.org/meetings/privileged-accounts-best-practices-and-practical-phased-approach-success I get the error message

ERROR: Fetching the page failed because other errors.

When I request it with CURL or Python ‘requests.get’ it works…

>>> import requests
>>> r = requests.get('https://sv-issa.org/meetings/privileged-accounts-best-practices-and-practical-phased-approach-success')
>>> r.status_code
200
>>> r.headers['content-type']
'text/html; charset=utf-8'
>>> r.text
u'<!DOCTY...

#2

Yes, that is happening because your SSL configuration is not accurate (and/or, as you said in the other thread, the crawler is not able to process an alternate address) - your cards work fine with the .net TLD, but the .org does not match the CN in the certificate:

$ openssl s_client -connect sv-issa.org:443 -tls1
...
Certificate chain
 0 s:/OU=Domain Control Validated/CN=sv-issa.net
...

On the crawler side, this results in an SslHandshakeException: handshake alert: unrecognized_name at remote address error from the JRE.

I can certainly raise it with the team responsible for the cards crawler, but I cannot make any promise that this behaviour will change in the short term.


#3

While the Subject CN is sv-issa.net there is another section of the certificate that your tool is not honoring:

openssl x509 -in sv-issa.net.crt -noout -text
...
    Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2
    Validity
        Not Before: Apr 30 00:17:38 2016 GMT
        Not After : Apr 30 19:58:12 2019 GMT
    Subject: OU=Domain Control Validated, CN=sv-issa.net
...
 X509v3 Subject Alternative Name:
            DNS:sv-issa.net, DNS:www.sv-issa.net, DNS:sv-issa.com, DNS:cornerstonesoftrust.net, DNS:sv-issa.org, DNS:cornerstonesoftrust.com

. This is not a certificate problem as just about every other browser and command line client supports this without error.
Since this is a multi-tenant hosting platform, I do not have control over the SSL certificate.


#4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.