Skip to content

www.cutter.re has GitHub.io certificate, resulting in 'insecure webpage' when visiting https://www.cutter.re #57

New issue
New issue
Open
Open
www.cutter.re has GitHub.io certificate, resulting in 'insecure webpage' when visiting https://www.cutter.re#57
@JensTimmerman

Description

@JensTimmerman
JensTimmerman
opened on Mar 2, 2025

When visiting www.cutter.re I'm presented with a GitHub.io ssl certificate

wget https://www.cutter.re
--2025-03-02 12:38:38--  https://www.cutter.re/
Resolving www.cutter.re (www.cutter.re)... 185.199.110.153, 185.199.108.153, 185.199.109.153, ...
Connecting to www.cutter.re (www.cutter.re)|185.199.110.153|:443... connected.
ERROR: no certificate subject alternative

curl  https://www.cutter.re -v
* Host www.cutter.re:443 was resolved.
* IPv6: (none)
* IPv4: 185.199.110.153, 185.199.108.153, 185.199.109.153, 185.199.111.153
*   Trying 185.199.110.153:443...
* Connected to www.cutter.re (185.199.110.153) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
*  start date: Mar 15 00:00:00 2024 GMT
*  expire date: Mar 14 23:59:59 2025 GMT
*  subjectAltName does not match host name www.cutter.re
* SSL: no alternative certificate subject name matches target host name 'www.cutter.re'
* Closing connection
curl: (60) SSL: no alternative certificate subject name matches target host name 'www.cutter.re'
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

you probably don't encounter this issue in a browser if you previously trusted the GitHub.io certificate once, the page does redirect you to cutter.io with a 301 Moved permanently

I encountered this when visiting links on the web that still point to www.cutter.re

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions