When I try to navigate to SRP, I get the error that the security certificate expired yesterday.
Printable View
When I try to navigate to SRP, I get the error that the security certificate expired yesterday.
I use Firefox and it blocks my attempts to get here however I can override it.Quote:
Originally Posted by Bruno
I suppose a note to Ivan is in order? :shrug:
Cant get around the site without the warning popping up every time.
I'm a Mastodon with this computer crap so I'm of no help. I only use my desktop and as I said I use Firefox and it allows me to bypass the warning.
Attachment 293248
Same thing here. My tablet won't let me log onto the website at all. I get a popup here on the phone, but it let's me override security issues and log in.
Pete <:-}
I contacted gugi and it's been fixed--all should be running smoothly.
Sorry guys, the certificate expired at 16:25PM GMT (12:25PM ETD) today.
It is my bad :(
First, this is the 'better certificate' which covers multiple domains for us and I've set up additional restrictions and monitoring/notifications however, apparently, I screwed up a bit its automatic renewal.
I did get notifications about the renewal of the previous certificate which we're not using anymore (and I decided to keep around until it expires rather than revoking it) so I thought that meant the one we used is working properly :(
Secondly, when I realized it had expired I messed up again with my renew request(s). Because of all the extra features we have it took me a few tries to get the query right but by then I had exceeded my authentication limits with the certificate authority and had to wait, I think an hour, before it would let me do it.
The good news is that this is over and the site is working again properly with strong encryption.
There may be cacheing issues, so closing a browser session or if that doesn't work, clearing the cookies should fix it.
Again, I apologize for the inconvenience.
You're the computer god!
Thanks for fixing so quickly and for all the efforts you put into this fine forum.
You are allowed to make a mistake or two as far as I'm concerned as its so far beyond my ability, I would have never known what to do.
:bow
I'm glad it's fixed. I still don't have any clue as to what you are talking about, but I'm glad you fixed it anyway!
Thank you for being so gracious!
I help making sure we have the infrastructure to support our community but it's really all of us together that make our community what it is!
The great thing is that while each of us contributes as we can everyone is welcome to be part of it and enjoy :)
I only wish that certain characters of low morals and high greed would stop trying to target our infrastructure and give up their attempts to destroy us. It has not worked so far, it will not work ever, and at the end it will cost them dearly ;)
Let keep doing what we do best - enjoy the community, help each other and anyone else who stops by!
I know that Google will soon be blocking all web sites that use http rather than the secure https protocol. They are trying to force the conversion.
It has not been all that long since this forum changed from http to https.
All web sites conducting financial transactions or that have login procedures certainly need to be secure. However, there are a lot of smaller "information only" web sites put up by individuals and non-profit organizations that will be effectively shut down until they are able to convert the web site over to https. This will become an impediment to free speech.
Not really. Everyone can get certificates.Quote:
Originally Posted by RayClem
The problem is that even small mom and pop websites can cause damage if they are hacked.
For example, SRP has a module that allows you to pay for vendor status via a link to paypal. If an attacker can insert themselves at that point, they can steal money and perhaps even take over your paypal account. SRP may not be a small site in your definition. But even if a small site has zero financial ties, lack of encryption may enable an attacker to harvest personal information from a site, usernames, passwords, emails, birthdays, etc. And all that information itself can be used for identity fraud, credit card fraud, password guessing, etc.
HTTPS has one purpose only: to make sure that noone can read anything between your computer and the server hosting the website, and noone can insert themselves in the communication and pretend to be the client or the server.
With everything being connected to the internet, and devices with personal information being attacked from all sides, there is not a single good reason to use plain http. Every webserver supports https, including the open source webservers. All web clients support https, including the open source ones. And everyone who can register a domain can also get the certificates. In other words, there is absolutely no impact on free speech.
Security is not something anyone should ignore, and https has been around and mainstream for many years. And switching from http to https does not require investment. It is literally just a matter of doing it, whether you are an individual or NPO. Even wetshaversworkshop has switched to https and we are extremely small.
Btw, one argument you could bring up is how it may affect people running older webservers or systems that do not yet support that. Let me assure you this: ANYTHING that is old enough not to support out of the box https and is still connected to the internet has been subverted already and is acting as a tor node, a botnet node, or storage for malicious files. Websites are under attack day and night by spammers and hackers. I know wetshaversworkshop is and I imagine SRP is attacked on a daily basis by automated tools just looking for a way in. even my snailforge website which is pretty much ignored by everyone including myself, is attacked several times per day.
I had a web site running on a server belonging to a former SRP admin, and after I had neglected my site for a year, I got a call from him, asking me for permission to delete the entire thing because an automated attack had used a recently discovered vulnerability to get in and fill the harddrive with torrent files.
Free speech is unaffected, and anything that is old enough to not support https is running in zombie mode already.
No apologies necessary - thanks for your hard work!!!
