Spotify launch suffers redirect bungle

Spotify's Australian launch seems to have failed on at least one level: Australians visiting the specific "spotify.com.au" site this morning to sign up found that it had an invalid security certificate.

The error security certificate
(Screenshot by Suzanne Tindal/ZDNet Australia)

Users who found the Spotify service through Google or via the blog announcing the Australian launch were directed to an Australian section of the US site, and were able to sign up without any problems — as spotify.com has a valid certificate issued by a third-party certificate authority.

However, users who specifically went to www.spotify.com.au were not redirected to the US site; rather, they remained on the spotify.com.au domain, with the site serving up the US certificate, which did not work.

Security certificates are served to web browsers connecting to sites using the HTTPS protocol, so that the browser can inform users on whether a site is authentic.

Therefore, users who attempted to sign up for the Spotify service this morning on the Australian site using the dedicated "sign up" button on the top right-hand side of the page were confronted with a warning stating that the site may not be secure, and telling users to continue on to the sign-up process at their own risk.

The company has since fixed this issue by redirecting all Australian users to the Australian portion of the US site, as might have been the original plan, given the lack of a security certificate for the Australian site.

Spotify has been contacted on how the mix-up occurred, but declined to provide any comment.