Question on https for slimesalad + firefox
Moderators: Bob the Hamster, marionline, SDHawk
- marionline
- Metal Slime
- Posts: 673
- Joined: Sat Feb 26, 2011 9:23 pm
Question on https for slimesalad + firefox
Hello!
I feel a bit stupid, but I am wondering what firefox's https-warning for slimesalad trying to tell me.
It says the website is not secure. Did anyone else notice?
The reasons shown are the certificate is self-signed and not valid for slimesalad.com.
I'm not sure about the meaning of this. Is it that my web browser went paranoid after an update?
I feel a bit stupid, but I am wondering what firefox's https-warning for slimesalad trying to tell me.
It says the website is not secure. Did anyone else notice?
The reasons shown are the certificate is self-signed and not valid for slimesalad.com.
I'm not sure about the meaning of this. Is it that my web browser went paranoid after an update?
- Bob the Hamster
- Lord of the Slimes
- Posts: 7660
- Joined: Tue Oct 16, 2007 2:34 pm
- Location: Hamster Republic (Ontario Enclave)
- Contact:
The certificate is issued by DreamHost to itself. But even if you add a security exception, you'll find that you can't actually access SS over https -- you get a "Site not found" error. I'm guessing that that certificate is probably only used as a fallback by the hosting company to show error messages in case the website hasn't set up https. DreamHost might charge extra for https hosting, since it increases resource usage.
Last edited by TMC on Wed Feb 01, 2017 11:54 pm, edited 1 time in total.
- Bob the Hamster
- Lord of the Slimes
- Posts: 7660
- Joined: Tue Oct 16, 2007 2:34 pm
- Location: Hamster Republic (Ontario Enclave)
- Contact:
Hello hi. I've added a SSL cert. I had assumed that I would have to pay cash moneys for a cert, but I guess that's so last decade at this point. I should probably set up htaccess forwarding to https at this point, hmm?Bob the Hamster wrote:I use dreamhost too, and they provide completely free https using "Let's Encrypt" I have it working on all my domains.
I was assuming that Mogri had created his own SSL cert sometime before dreamhost added Let's Encrypt support-- but that was just a guess, I really don't know
- Taco Bot
- Meat, Cheese, and Silicon
- Posts: 484
- Joined: Fri Jul 18, 2014 12:15 am
- Location: Santa Cruz
- Contact:
For sure. And thank you so much for setting up https. I was a little sketched out that ss was transmitting everything as plaintext. (I think? That's what I was led to believe?)Mogri wrote:Hello hi. I've added a SSL cert. I had assumed that I would have to pay cash moneys for a cert, but I guess that's so last decade at this point. I should probably set up htaccess forwarding to https at this point, hmm?
Sent from my iPhone
- Bob the Hamster
- Lord of the Slimes
- Posts: 7660
- Joined: Tue Oct 16, 2007 2:34 pm
- Location: Hamster Republic (Ontario Enclave)
- Contact:
Fantastic!
Let's Encrypt certs do have short expiry times though, have to watch out for that. It's apparently to encourage people to automate switching to new certificates regularly.
Let's Encrypt certs do have short expiry times though, have to watch out for that. It's apparently to encourage people to automate switching to new certificates regularly.
Last edited by TMC on Fri Mar 03, 2017 4:47 am, edited 1 time in total.
- Bob the Hamster
- Lord of the Slimes
- Posts: 7660
- Joined: Tue Oct 16, 2007 2:34 pm
- Location: Hamster Republic (Ontario Enclave)
- Contact:
yeah, the point behind the constant expiry is that it's better than trying to maintain a growing giant blacklist of "bad" certs. Instead, certs just expire really fast, not lingering around and being a pain in the butt for future browsers.TMC wrote:Fantastic!
Let's Encrypt certs do have short expiry times though, have to watch out for that. It's apparently to encourage people to automate switching to new certificates regularly.