* Trying 185.199.108.133:443...
* Connected to raw.githubusercontent.com (185.199.108.133) port 443 (#0)
[...]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
* start date: Feb 21 00:00:00 2023 GMT
* expire date: Mar 20 23:59:59 2024 GMT
* subjectAltName does not match raw.githubusercontent.com
* SSL: no alternative certificate subject name matches target host name 'raw.githubusercontent.com'
curl: (60) SSL: no alternative certificate subject name matches target host name 'raw.githubusercontent.com'
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
--
The alt name looks proper when looking at the cert w/ s_client:
With the latest curl, I'm getting the following:
curl -v https:/ /raw.githubuser content. com
* Trying 185.199. 108.133: 443... ontent. com (185.199.108.133) port 443 (#0) 256_GCM_ SHA384 ontent. com content. com' content. com' /curl.se/ docs/sslcerts. html
* Connected to raw.githubuserc
[...]
* SSL connection using TLSv1.3 / TLS_AES_
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
* start date: Feb 21 00:00:00 2023 GMT
* expire date: Mar 20 23:59:59 2024 GMT
* subjectAltName does not match raw.githubuserc
* SSL: no alternative certificate subject name matches target host name 'raw.githubuser
curl: (60) SSL: no alternative certificate subject name matches target host name 'raw.githubuser
More details here: https:/
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
--
The alt name looks proper when looking at the cert w/ s_client:
openssl s_client -connect raw.githubuserc ontent. com:443 </dev/null 2>/dev/null | openssl x509 -noout -text
X509v3 Subject Alternative Name:
DNS:* .github. io, DNS:github.io, DNS:*.github.com, DNS:github.com, DNS:www.github.com, DNS:*.githubuse rcontent. com, DNS:githubuserc ontent. com
Previous versions of curl work as intended.