It seems that "wordpress.org" serves the wrong certificate when my WordPress tries to download an update to 3.7.1.
I get the following error:
Download failed. SSL: certificate subject name '*.wordpress.org' does not match target host name 'wordpress.org'
I get this issue on more than half the sites under our maintenance. Some other WordPress instances seem to download updates via http instead of https, which does not cause any issue. By the way, all sites are http sites by them selves.
I've found code snippets to add to themes to circumvent/ignore SSL errors, but it just seems wrong to use those, as SSL is there to guarantee the origin of an update, right?
Could you please correct the certificate served for wordpress.org (without www)? For http://www.wordpress.org the wildcard certificate is correct. Or is there another cause and solution for this problem?