Pipenv: SSL_PROTO_ERROR on docs.pipenv.org

Created on 25 Sep 2019 · 16Comments · Source: pypa/pipenv

(!)
https://docs.pipenv.org/en/latest/cli/

Chrome:

This site can’t provide a secure connectiondocs.pipenv.org sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

Firefox:

Secure Connection Failed

An error occurred during a connection to docs.pipenv.org. Peer reports it experienced an internal error. Error code: SSL_ERROR_INTERNAL_ERROR_ALERT

Type

Source

mcallaghan-bsm

👍6 👀2 😕2

Most helpful comment

This is completely unacceptable for the blessed package manager. Please fix this with the upmost urgency.

jrabbit on 27 Sep 2019

👍5

All 16 comments

Kenneth Reitz revoked some of his domains and redirected most of RTD sites to kennethreitz.org, and the SSL certificate of the original site has been invalid.

frostming on 26 Sep 2019

😕2

Accessing http://docs.pipenv.org/ redirects to https://pipenv.kennethreitz.org/en/latest/

b71729 on 26 Sep 2019

Hm, that is unfortunate. What is "RTD"? Why are losing the pipenv.org top level domain?

mcallaghan-bsm on 26 Sep 2019

@mcallaghan-bsm RTD refers to readthedocs.io, the common site to host python docs. I am glad to see a PR to replace the URL but I doubt if kennethreitz.org is the final new home.

frostming on 26 Sep 2019

Ah (readthedocs)

Agreed, I don't think we want kennethreitz.org as the final new home.

I wonder what the problem was to cause us to abandon pipenv.org? (seems preferable to keep useful domains)

mcallaghan-bsm on 26 Sep 2019

@mcallaghan-bsm The domain is owned by Kenneth and the reason why he abandoned it is quite personal and I don't know.

frostming on 26 Sep 2019

This is completely unacceptable for the blessed package manager. Please fix this with the upmost urgency.

jrabbit on 27 Sep 2019

👍5

https://pipenv.readthedocs.io seems ok. But most links out there (PyPi included) still link to http://docs.pipenv.org/

jrd on 30 Sep 2019

Seconded - for me a google search gives https://docs.pipenv.org as the 3rd reply (after the GH repo & an article about pipenv).

thbar on 30 Sep 2019

As well as being the official documentation link in the README. This doesn't make the project look good.

tlgs on 1 Oct 2019

😕1

in the meantime, could anyone change the link to http://docs.pipenv.org (which does redirect to https://pipenv.kennethreitz.org/en/latest/)

thomasleveil on 2 Oct 2019

👍1

Fixed

frostming on 5 Oct 2019

👎1 👍1

pipenv.org is still broken as is https://docs.pipenv.org why exactly is this behavior being enabled?

jrabbit on 5 Oct 2019

👍1

Stumbled across more than a few links to docs.pipenv.org and wondered why. It's concerning that this as well as 2.python-requests.org are all broken. They both seem to resolve to 3.13.31.214 and give a similar error as below.

$ openssl s_client -showcerts -connect pipenv.org:443 -servername pipenv.org </dev/null
CONNECTED(00000005)
140520052326848:error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:../ssl/record/rec_layer_s3.c:1528:SSL alert number 80
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 312 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

nicktimko on 12 Nov 2019

Can project maintainers produce a blog post (or something) to explain the WHY, WHAT, and HOW? It is likely desirable to explain what used to be, why it is changing, and the NEW strategy. (Feels atm for outsiders, a lot of grey/opaque with doubts)

mcallaghan-bsm on 12 Nov 2019

👍1

This is more than a small security issue now that they let the pipenv.org domain name lapse registration.