Jump to content
Head Coach Openings 2024 ×
  • Current Donation Goals

    • Raised $2,716 of $3,600 target

Website NOT secure?


Recommended Posts

On 9/7/2020 at 3:26 PM, Muda69 said:

The default font with this new version of the forum software has a lot to be desired.  At least with how it renders on Firefox.

 

So it's OK for GID user passwords to possibly be sent over the network unencrypted as may be the case when you have SSL certificate issues?

 

 

You were still transferring over a secure port using HTTPS. The only problem was your browser wasn't convinced we were to be trusted because the certificate it was receiving was expired. Only difference in what is happening now verses what was happening a couple days ago is the certificate it sees now has an expiration of 9/2/2022 instead of 9/2/2020. If you click on the little lock in the address bar and then on the certificate link you can see this for yourself.

 

...but it may expire in 2021 anyhow as new standards are being rolled out right now that mandates yearly expiration dates, no more multi year certificates in the near future.

Link to comment
Share on other sites

1 hour ago, DK_Barons said:

 

You were still transferring over a secure port using HTTPS. The only problem was your browser wasn't convinced we were to be trusted because the certificate it was receiving was expired. Only difference in what is happening now verses what was happening a couple days ago is the certificate it sees now has an expiration of 9/2/2022 instead of 9/2/2020. If you click on the little lock in the address bar and then on the certificate link you can see this for yourself.

 

...but it may expire in 2021 anyhow as new standards are being rolled out right now that mandates yearly expiration dates, no more multi year certificates in the near future.

I can confirm this...

tgd cert.jpg

  • Thanks 1
Link to comment
Share on other sites

A member of the GID "team" has admitted to sharing text messages with like minded forum members. Another forum member has stated he was stalked on social media sites by two members of this forum who he considers lunatics. He wonders how those two lunatics knew his real name. 

Link to comment
Share on other sites

5 hours ago, DK_Barons said:

...but it may expire in 2021 anyhow as new standards are being rolled out right now that mandates yearly expiration dates, no more multi year certificates in the near future.

Sounds like primarily a money grab for the certificate issuers like Network Solutions, who currently provide the certificates for the organization I work at.   All under the guise of "more secure" I'm sure..............

 

Link to comment
Share on other sites

On 9/9/2020 at 1:42 AM, DK_Barons said:

It wasn't the certificate in this case...

It was me not setting up the permissions correctly. The user running Apache didn't not have read access to the new certs. A couple command line entries to tell SELinux it was alright for Apache to read those and we were rolling again.

 

 

Been there - done that 😒

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...