I put largeformatphotography into my Firefox browser and got a “website for sale” message.
I put largeformatphotography into my Firefox browser and got a “website for sale” message.
TLS/SSL certificates are used to encrypt data between your web browser and the remote web server. This prevents people from reading the contents of the web traffic between you and the server. They also can be used to verify the identity of the owner of the remote server as in theory only an authorized person would have access to the certificate for the company.
These TLS/SSL certificates can also be used to encrypt traffic and validate the remote end of a connection for other type of internet traffic like email. The vast majority of certificates are used around web traffic.
There are various Certificate Authorities (CAs) that sell certificates. They have various guidelines that they follow to authenticate a user has control of the domain name that they want a certificate issued for. Browsers and operating systems have a set of CAs that they trust. If a CA starts doing something fishy (like issuing certificates without verification), browsers have removed them from their built in trusted list making it so that all certificates issues by the CA show up as invalid and untrusted in that browser. This is a rare occurance.
The CAs have various offerings for certificates with specific features at various cost points. Usually they start at a couple of hundred dollars for a certificate that lasts a year. One special case is Lets Encrypt. They are a non-profit that gives out free certificates (after validation) to help encourage web server administrators to offer encrypted traffic. These certificates are only valid for only 90 days at a time. Often if someone obtain a certificate from Lets Encrypt they setup some automation that requests new certificates on a regular basis and installs them automatically.
There has been some effort from web browsers to get all web traffic encrypted. I think most browsers have changed over to try to get encrypted traffic first (using https) and if that fails to fall back to unencrypted (http.). Firefox has an option called HTTPS-Only mode which will switch all traffic over to https if the web server supports it.
Another related thing to the certificate is a feature called HTTP Strict Transport Security. Once you connect to a server that is configured with this setting, your browser will only try to connect to it via https and will refuse to connect without encryption (http) or to an invalid cert. I am running into this when I try to load the site in Firefox. I was able to login to post this now by using Chrome and specifically going to the http:// address (I wanted to see if there were any updates around the certificate.)
-Darren
Tom will deserve that credit, not me. Ralph took steps to engage Tom and all I did was pass that long to you guys. As usual, our host (QT) pays the bill.
Certificates are encrypted tags issued by trusted third parties to provide an independent validation that a site is not being spoofed by bad guys. They are not expensive but it is a pain in the rear to keep up with them.
Rick “who usually lets his expire and has to start over every year” Denney
I have the issue using Microsoft Edge. I'm now using Chrome but still get the error warning. When I get the warning message I click on the Advance button which opens a link to the site, then Click on the link and it opens up the site to log in. I hope y'all can get the issue solved. Thanks guys.
Funny thing is I can get to the page using Edge but not Chrome. Must be some of the privacy settings are different.
The main thing is that traffic and postings to this site are way, way down, so that is reason enough to get a new cert so that folks don't just give up when they get a warning from their browser.
I run Ubuntu Studio, and Firefox with Duck Duck Go. on my computers. I noticed that warning a few days ago but I could go ahead and connect. I know traffic has been way down so I tried my iPhone yesterday and could not get in with Safari or Firefox.
On an Apple computer running macOS Monterey, all I had to do was use my passcode to override the warning about the absence of a certificate.
Seems to be working on Chrome now without using Incognito Mode.
Jim Cole
Flagstaff, AZ
Bookmarks