Is the SSL certificate for downloads.www.ads-software.com expired?

  • I’m working on setting up a new site, very routine process on a dev server I have been using for a couple of years, but I am suddenly finding that I cannot install any plugins, themes or updates. I get this error:

    Installation failed: Download failed. cURL error 60: SSL: no alternative certificate subject name matches target host name ‘downloads.www.ads-software.com’

    Is this a problem anyone else is encountering, or is it something specific to my server?

    EDIT: This does appear to be something specific to my server; I just tried installing plugins/themes on another server I manage and had no problems. Anyway… I’ve been using WordPress for over a decade and have done “light” sysadmin for nearly 30 years and I’ve never encountered this problem. Any ideas what might be going on?

    • This topic was modified 1 year, 4 months ago by room34.
    • This topic was modified 1 year, 4 months ago by room34.
    • This topic was modified 1 year, 4 months ago by room34.
Viewing 12 replies - 1 through 12 (of 12 total)
  • Thread Starter room34

    (@room34)

    OK, it’s definitely an issue with my server. Other sites on the server that have WP_DEBUG enabled are throwing this message frequently:

    Warning: An unexpected error occurred. Something may be wrong with www.ads-software.com or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to www.ads-software.com. Please contact your server administrator.)

    My best guess is that this may be related to an update in Ubuntu 22.04.2 LTS that I just ran this morning, but I’m kind of at a loss.

    Thread Starter room34

    (@room34)

    A bit of googling has brought me to suggestions that this issue can be worked around by adding a DNS entry for api.www.ads-software.com to the server’s /etc/hosts file. The IP address to use that I’m seeing in multiple articles is:

    66.155.40.202

    But when I do an nslookup on my server (even if I switch DNS to 8.8.8.8) is:

    198.143.164.251

    Can anyone confirm what the correct IP for api.www.ads-software.com is?

    If I try pinging 66.155.40.202 I don’t get any response, so I don’t know if the articles I’m reading are out of date and this domain has moved to a new IP, or if there’s really something messed up with my server’s DNS resolution.

    • This reply was modified 1 year, 4 months ago by room34.
    Thread Starter room34

    (@room34)

    OK: I can confirm that the problem is happening after the Ubuntu updates, but that it was not occurring before the Ubuntu updates.

    Here is a list of the packages that were updated this morning:

    cloud-init curl grub-common grub-pc grub-pc-bin grub2-common initramfs-tools initramfs-tools-bin initramfs-tools-core iotop libcurl3-gnutls libcurl4 libidn12 libmm-glib0 modemmanager python3-debian ubuntu-advantage-tools ubuntu-minimal ubuntu-server ubuntu-standard

    I also noticed this warning. I do not have ESM installed so I don’t have an option to do anything about this, but it may be relevant:

    An OpenSSL vulnerability has recently been fixed with USN-6188-1 & 6119-1:
    CVE-2023-2650: possible DoS translating ASN.1 object identifiers.
    Ensure you have updated the package to its latest version.

    This does seem like it is probably related to the issue. I need to investigate further to see what if anything I can do about this.

    Probably also worth noting that my sites are using Let’s Encrypt for SSL.

    Moderator Yui

    (@fierevere)

    永子

    please dont lock www.ads-software.com IPs in /etc/hosts , its a way to ask for problems , we have short TTL and IPs are subject to change.

    i just checked from Ubuntu bionic, no issue.

    Anonymous User 21046017

    (@anonymized-21046017)

    Guys, it seems like a bug in curl for wildcard cert.

    New updates available now:

    apt update
    apt list --upgradable

    curl
    libcurl3-gnutls
    libcurl4-openssl-dev
    libcurl4

    apt upgrade

    Issue resolved.

    I believe this is not a WordPress issue. Raher a glitch on Ubuntu side.
    A new set of updates (see @anonymized-21046017 ‘s post up there) has been released for Ubuntu 22.04. If you install these updates “too”. Then the problem seems to be solved. But you have to reboot the server. Restarting the web server service did not suffice.

    Thread Starter room34

    (@room34)

    @jomateix Yes, I think you are correct that this is not WordPress-specific, although it seems like something that is going to potentially manifest itself more commonly for WordPress than for other sites. That said, I have also noticed today since the update that SFTP is extremely slow and unreliable on the same server. Seems likely to be related, but I’m not positive. We’ll see if the new set of updates fixes the problem!

    Gulshan Kumar

    (@thegulshankumar)

    Same here

    Moderator Yui

    (@fierevere)

    永子

    should be fixed after ubuntu update

    there is a fix for this report on board with latest curl jammy 7.81.0 ubuntu 1.11 info: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/2028170 changelog: https://launchpad.net/ubuntu/jammy/+source/curl/+changelog

    Also having this issue on Ubuntu 22.04 – I updated security packages:

    apt update && unattended-upgrade -d

    Then re-issue Lets Encrypt Cert on a site by site basis

    Same with my new website. Never happen before this.

    I have the same problem as yours. I didn’t remember when it happened, just suddenly happened. I just remembered I update my security plugin in plesk platform.

    • This reply was modified 1 year, 4 months ago by jmcico.
    • This reply was modified 1 year, 4 months ago by jmcico.
Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Is the SSL certificate for downloads.www.ads-software.com expired?’ is closed to new replies.