TheVat Posted November 27, 2023 Posted November 27, 2023 This is a problem on Chrome browser, so I've switched over to Firefox, hoping I can post this. Chrome is generating some kind of error regarding the site's certificate, and refusing to allow me to post in a thread. If the site's certificate has been allowed to lapse, that will be a huge problem. IIRC, only browsers like duckduckgo can plow through certificate problems and let you post anyway. If this doesn't post, I will use a device at home that has DDG on it. Looks like Firefox is okay. Has anyone else had problems with Chrome today? LATER Back on Chrome, going to test this again. OK, now it is working okay. What a weird glitch.
Sensei Posted November 27, 2023 Posted November 27, 2023 https://www.google.com/search?q=ssl+certificate+checker "TLS Certificate expiration The certificate expires January 28, 2024 (62 days from today)" "Certificate Name matches scienceforums.net scienceforums.net Valid from 30/Oct/2023 to 28/Jan/2024 IssuerR3 R3 Valid from 04/Sep/2020 to 15/Sep/2025 IssuerISRG Root X1 ISRG Root X1 Valid from 20/Jan/2021 to 30/Sep/2024 IssuerDST Root CA X3" 45 minutes ago, TheVat said: IIRC, only browsers like duckduckgo can plow through certificate problems and let you post anyway. https://www.google.com/search?q=configure+firefox+ssl+ignore https://stackoverflow.com/questions/20088/is-there-a-way-to-make-firefox-ignore-invalid-ssl-certificates Try: "enter about:config into the firefox address bar and agree to continue. search for the preference named security.ssl.enable_ocsp_stapling. double-click this item to change its value to false." 1
TheVat Posted November 28, 2023 Author Posted November 28, 2023 Helpful stuff @Sensei - thank you. As you did, I checked the SSL certificate for SFN, at the Godaddy SSL tools page. The Firefox tweak is wonderful - there is an old site I visit sometimes, with expired certificates, and now I can use FFox, instead of switching to DDG. (the owner of that site hates to pay for anything like renewing the SSL cert.)
Sensei Posted November 28, 2023 Posted November 28, 2023 @TheVat SFN is certified by Let's Encrypt, so it's free. But you can configure it to renew automatically or manually. If it is configured automatically the script receives too much data about the server it is installed (admin privileges, ability to alter Apache server configuration etc.). It can be used to hack the server and/or install a backdoor. 9 hours ago, TheVat said: (the owner of that site hates to pay for anything like renewing the SSL cert.) Commercial pro SSL is quite expensive. More expensive than a domain. More expensive than a VPS..
Sensei Posted November 28, 2023 Posted November 28, 2023 17 hours ago, TheVat said: This is a problem on Chrome browser, Procedure for disabling SSL certificate verification errors in Chrome: https://superuser.com/questions/27268/how-do-i-disable-the-warning-chrome-gives-if-a-security-certificate-is-not-trust How about --ignore-certificate-errors in command-line?
Cap'n Refsmmat Posted November 28, 2023 Posted November 28, 2023 Yes, we use Let's Encrypt and automatically renew the certificate periodically. I'm not sure why you got an error -- if it happens again, can you record the exact error it shows you, and any details it might hide behind an Advanced or Show More button? I wouldn't disable certificate errors globally, as that's a serious security issue. We try to keep SFN's certificate updated (since it's free), so if there's a problem, we should fix it.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now