Expired Certification in Some Browsers
- Neo_Bri
- Posts: 1342
- Joined: Mar 21, 2018
Hi Chatters,
It was brought to my attention that TromboneChat's site certificate has expired this morning at 8:45 central time. I have personally experienced no interruption in service, but I understand it might be worrying or offputting if you get a security error relating to TC. We're looking into it, rest assured.
The problem seems to be manifesting in Firefox. Thanks for your patience!
It was brought to my attention that TromboneChat's site certificate has expired this morning at 8:45 central time. I have personally experienced no interruption in service, but I understand it might be worrying or offputting if you get a security error relating to TC. We're looking into it, rest assured.
The problem seems to be manifesting in Firefox. Thanks for your patience!
- LarryPrestonRoberson
- Posts: 201
- Joined: Mar 23, 2018
It is present in Google Chrome as well. It’s mostly just annoying. It’s worse in Firefox. Every time you change pages you have to allow it. I know you guys will solve the issue. Thanks to all the guys who keep this place up and running!
- kingsk1117
- Posts: 50
- Joined: May 21, 2018
In Firefox, I over-rode the security issue once, and it has not come up again.
- hyperbolica
- Posts: 3990
- Joined: Mar 23, 2018
Still happening in Opera mobile.
- Neo_Bri
- Posts: 1342
- Joined: Mar 21, 2018
I took care of re-purchasing SSL certificates today and we will implement these very soon. Likely Sunday. Stay tuned.
- jack
- Posts: 9
- Joined: Mar 26, 2018
[quote="Neo Bri"]I took care of re-purchasing SSL certificates today and we will implement these very soon. Likely Sunday. Stay tuned.[/quote]
The current expired certificate is issued by[url=https://letsencrypt.org/]LetsEncrypt, which issues certificates freely. EDIT: I'm curious why you didn't go with them again?
Important to note that every browser (including IE11) issues a security warning (specifically that the certificate expired on the 6th of July). The only way not to see it is by accessing the site from http rather than https, but hopefully most are accessing it over https. Once a new certificate is in place, I think it would be good to[url=http://www.trombonechat.com/viewtopic.php?f=4&t=87&p=531#p531]force httpsif possible.
The current expired certificate is issued by
Important to note that every browser (including IE11) issues a security warning (specifically that the certificate expired on the 6th of July). The only way not to see it is by accessing the site from http rather than https, but hopefully most are accessing it over https. Once a new certificate is in place, I think it would be good to
- Zandit75
- Posts: 82
- Joined: Apr 30, 2018
Is this supposed to be fixed yet? I'm still showing that the site is not secure, and getting the occasional popup.
- Matt_K
- Posts: 4809
- Joined: Mar 21, 2018
Depending on your browser, it takes a little bit of digging to find out why a site is labelled as "insecure". In the case of TBC, you'll notice that it isn't because the data is unencrypted (if you are using HTTPS it should be encrypted, although we currently nave it configured that you can optionally use it because of some initial login issues so we'll probably close that off when we fix the SSL cert), but that our site's ownership isn't verified.
Currently we're going through the verification process with a new vendor that we elected to use for a variety of reasons. If it were a serious security issue, we would shut the site down until it was fixed but given that the only limitation is that you can't pin down an address, we're just letting it run until we can prove the ownership of the site. Neobri filled out the paperwork yesterday but I don't believe they gave an ETA for how long they say the process will take.
Tl;dr, the "insecurity" is that a 3rd party hasn't verified the legal ownership of the site yet.
Currently we're going through the verification process with a new vendor that we elected to use for a variety of reasons. If it were a serious security issue, we would shut the site down until it was fixed but given that the only limitation is that you can't pin down an address, we're just letting it run until we can prove the ownership of the site. Neobri filled out the paperwork yesterday but I don't believe they gave an ETA for how long they say the process will take.
Tl;dr, the "insecurity" is that a 3rd party hasn't verified the legal ownership of the site yet.
- Neo_Bri
- Posts: 1342
- Joined: Mar 21, 2018
The verification is going to take longer than expected. This is not my choice, but it is the way it is, unfortunately. I promise that nothing nefarious is going on...mostly waiting.
- LarryPrestonRoberson
- Posts: 201
- Joined: Mar 23, 2018
[quote="Neo Bri"]The verification is going to take longer than expected. This is not my choice, but it is the way it is, unfortunately. I promise that nothing nefarious is going on...mostly waiting.[/quote]
Or, nothing like this:
http://www.tromboneforum.org/
:tongue:
Seriously though, thanks to all you guys for making this place great!
Or, nothing like this:
http://www.tromboneforum.org/
:tongue:
Seriously though, thanks to all you guys for making this place great!
- afugate
- Posts: 671
- Joined: Mar 23, 2018
[quote="LarryPrestonRoberson"]<QUOTE author="Neo Bri" post_id="63202" time="1531278945" user_id="50">
The verification is going to take longer than expected. This is not my choice, but it is the way it is, unfortunately. I promise that nothing nefarious is going on...mostly waiting.[/quote]
Or, nothing like this:
http://www.tromboneforum.org/
:tongue:
Seriously though, thanks to all you guys for making this place great!
</QUOTE>
Just 9 more months... <span class="emoji" title=":wink:">😉</span>
--Andy in OKC
The verification is going to take longer than expected. This is not my choice, but it is the way it is, unfortunately. I promise that nothing nefarious is going on...mostly waiting.[/quote]
Or, nothing like this:
http://www.tromboneforum.org/
:tongue:
Seriously though, thanks to all you guys for making this place great!
</QUOTE>
Just 9 more months... <span class="emoji" title=":wink:">😉</span>
--Andy in OKC