|
HI there, I have set up version 2.2.3 of Mercurial successfully on my account, and a colleague has also managed to set it up. We have an issue with https where we need to use "--insecure" to run some commands as the https certificate found is the webfaction certificate rather than a wild card certificate we are using for the domain. Is there a way to specify which certificate is used by mercurial? Many thanks, Stephen |
|
Okay, it looks like the problem is that your software - in this case Mercurial and therefore python - is not configured to support Server Name Indication (SNI), so it retrieves the default (WebFaction) certificate when connecting. SNI is useful because it enables you to serve a custom SSL Certificate without requiring a dedicated IP address. However, not everything supports SNI. One solution is to purchase a dedicated IP address for your website. If using a dedicated IP, then the certificate will be served as the default for that IP and not using SNI. Dedicated IP addresses are not free, though; they cost $5/month. Another option is to configure your local software to support SNI. Support for SNI has already been added to Python, but only in Python 3.2 (python 2.x is only receiving bug fixes, not new features). But it seems like you could apply the patch (raw) against Python 2.6.1 manually. Thanks Ryan, very helpful. We'll look into SNI in more detail... or possibly add the dedicated IP address. I've got round the problem temporarily by setting up a private Bitbucket repository, but that's not ideal! |
Can you provide the domain so that we can confirm that the certificate itself is operating as expected?
The domain is https://support.monea.cc, thanks!