problem with certificate

hi,

sry this is a copy of https://github.com/peterbillam/muscript/issues/3 but I finally managed to login to gitlab.

I tried sending you an email to what I saw in the git log and it bounced back so here I am.

Thanks for all your open source contributions ! I am myself a FOSS contributor and I maintain the lua packages for the https://nixos.org/ distribution.

I have a problem when trying to download the archive described in the rockspec here (which is needed to install the package on my distrib): https://luarocks.org/modules/peterbillam/readline/3.3-0

Here is the first error I had running a curl wrapper called "nix-prefetch-url"

❌1 ❯ nix-prefetch-url http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 305 ms
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 699 ms
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 1191 ms
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 2810 ms
error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK)
nixpkgs3 on  bump-luarocks-packages took 6s
❌1 ❯ nix-prefetch-url http://pjb.com.au/comp/lua/readline-3.3.tar.gz
path is '/nix/store/19x0z1jbj35kw1gnzbqnvc9m65zc8cjk-readline-3.3.tar.gz'
1200abbqhr8p9xzxv0zwlcc99wfdqhxcq8vxnalsvflv4bidhfqs

(note that second call works if I remove the "www" prefix) I tried again with wget

➜ result/bin/wget http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
--2023-09-09 02:23:14--  http://[www.pjb.com.au](http://www.pjb.com.au/)/comp/lua/readline-3.3.tar.gz
Resolving [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))... 103.168.172.37, 103.168.172.52
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) (www.pjb.com.au)|103.168.172.37|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz [following]
--2023-09-09 02:23:15--  https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))|103.168.172.37|:443... connected.
ERROR: no certificate subject alternative name matches
    requested host name ‘[www.pjb.com.au](http://www.pjb.com.au/)’.
To connect to [www.pjb.com.au](http://www.pjb.com.au/) insecurely, use `--no-check-certificate'.

❌5 ❯ result/bin/wget
http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
--no-check-certificate
--2023-09-09 02:23:32--  http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
Resolving [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))... 103.168.172.52, 103.168.172.37
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))|103.168.172.52|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz [following]
--2023-09-09 02:23:32--  https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))|103.168.172.52|:443... connected.
WARNING: no certificate subject alternative name matches
    requested host name ‘[www.pjb.com.au](http://www.pjb.com.au/)’.
HTTP request sent, awaiting response... 200 OK
Length: 16370 (16K) [application/x-gzip]
Saving to: ‘readline-3.3.tar.gz’

readline-3.3.tar.gz
100%[=======================================================================================================>]
 15.99K  --.-KB/s    in 0.03s

2023-09-09 02:23:33 (585 KB/s) - ‘readline-3.3.tar.gz’ saved [16370/16370]

Thus I wonder if you would be interested in either of these solutions:

• include www. to your website certificate
• reupload the readline rockspec with an url that doesn't contain the www ?
• alternatively reupload the rockspec with a github/gitlab archive.

Cheers !