Mattermost, Inc.

Certificate for paypal?

Summary

In the log files of my mattermost server i see a request for a paypal certificate from letsencrypt

Steps to reproduce

I have set up this server recently on an new ubuntu 16.04 VM, version 4.3.1 (Enterprise ready, no license).

Expected behavior

Just a normal setup with letsencrypt support enabled.

Observed behavior

In my syslog i saw this message this morning. The pid 30618 is the one from mattermost ‘platform’. There are only three users on the server, almost no activity. Why would the mattermost server request a certificate for Paypal???

Nov 2 07:44:58 office platform[30618]: 2017/11/02 07:44:58 [INFO][www.paypal.com] acme: Obtaining bundled SAN certificate
Nov 2 07:44:59 office platform[30618]: 2017/11/02 07:44:59 http: TLS handshake error from 95.85.33.89:41088: map[www.paypal.com:acme: Error 400 - urn:acme:error:rejectedIdentifier - Error creating new authz :: Policy forbids issuing for name]

Ah… i found out that if i put an entry on my local machine in /etc/hosts for for example Netscape and point it to my mattermost server, if i request https://www.netscape.com/ actually triggers the mattermost server to request a certificate from letsencrypt! This is of course very nice, but i does mean it is very easy to get a mattermost server blacklisted at letsencrypt for requesting a lot of bogus certificates…