T O P I C R E V I E W |
TheIriaeban |
Posted - 13 Jan 2023 : 01:01:50 I keep getting an invalid certificate error in my browser when accessing the forums. Anyone else seeing that? |
24 L A T E S T R E P L I E S (Newest First) |
TBeholder |
Posted - 27 Jan 2023 : 23:42:49 Why not use Let's Encrypt? They give out free Domain Validation certificates, which are recognizable by browsers because they are on that certificate tree. That's all you need, right? |
Azar |
Posted - 20 Jan 2023 : 12:48:40 quote: Originally posted by Alaundo
quote: Originally posted by Azar
Another user on the site said that he is getting bounced out.
Well met
What does he mean exactly? Can you get him to email me at alaundo @ candlekeep.com please.
The cert issue is annoying, but this is down to local browser caching etc. now.
Specifically clearing the Cache (instead of the Cookies alone) did the trick for both of us, in the end. Thank you for the tip! |
Alaundo |
Posted - 20 Jan 2023 : 09:24:22 quote: Originally posted by Azar
Another user on the site said that he is getting bounced out.
Well met
What does he mean exactly? Can you get him to email me at alaundo @ candlekeep.com please.
The cert issue is annoying, but this is down to local browser caching etc. now. |
Azar |
Posted - 20 Jan 2023 : 01:15:39 Another user on the site said that he is getting bounced out. |
sleyvas |
Posted - 19 Jan 2023 : 18:45:04 quote: Originally posted by TBeholder
Still shows an error (self-signed certificate)... and if that's manually accepted, drops out to unsecure http.
quote: Originally posted by sleyvas
{CrankyMode On} I hate certs.... having to deal with this stuff in an internal corporate environment where noone pays attention to it and just clicks past it
Sounds no different from the way anything else is done in Dilbert's company.
quote: Don't get me wrong, I can see why they might be needed in some instances (I don't want someone somehow getting my bank's DNS entries for themselves and setting up a fake site).... but ~90% of things don't need it.
So for 90% of sites you are fine with... executing scripts from unknown sources?
The majority of things with certs like I'm talking about aren't even internet facing. Its internal management for devices running their own specialized O/S, etc... You could setup a self signed cert and set it to expire in 50 years, but then someone says "that's not good enough, you need one from a cert authority, and it has to expire every 3 years". Half the stuff you'd have to hack into the network, then get into a jumpbox in a special VRF that's absolutely cut off from the internet, then web browse to the management of your device.... hoop after hoop after hoop. |
TBeholder |
Posted - 19 Jan 2023 : 16:33:07 Still shows an error (self-signed certificate)... and if that's manually accepted, drops out to unsecure http.
quote: Originally posted by sleyvas
{CrankyMode On} I hate certs.... having to deal with this stuff in an internal corporate environment where noone pays attention to it and just clicks past it
Sounds no different from the way anything else is done in Dilbert's company.
quote: Don't get me wrong, I can see why they might be needed in some instances (I don't want someone somehow getting my bank's DNS entries for themselves and setting up a fake site).... but ~90% of things don't need it.
So for 90% of sites you are fine with... executing scripts from unknown sources? |
Azar |
Posted - 19 Jan 2023 : 09:37:01 quote: Originally posted by Storyteller Hero
The site is working on my Safari browser, but Chrome seems to keep blocking it due to "invalid certificate".
I wonder if this is a Chrome issue with certificates in general or if this specific certificate itself just doesn't jive with Chrome for whatever reason. |
Storyteller Hero |
Posted - 19 Jan 2023 : 07:27:54 The site is working on my Safari browser, but Chrome seems to keep blocking it due to "invalid certificate".
|
Azar |
Posted - 17 Jan 2023 : 13:03:39 quote: Originally posted by Wooly Rupert
quote: Originally posted by Azar
My rub with Edge - other than it being a descendant of Internet Explorer - is its comparative lack of customization.
So you can't try it for a particular website because you can't customize it?
I can try using that browser; I just don't want to be dependent on an entirely different browser for one subsection of a forum . |
Wooly Rupert |
Posted - 17 Jan 2023 : 11:00:52 quote: Originally posted by Azar
My rub with Edge - other than it being a descendant of Internet Explorer - is its comparative lack of customization.
So you can't try it for a particular website because you can't customize it? |
Azar |
Posted - 17 Jan 2023 : 10:25:03 My rub with Edge - other than it being a descendant of Internet Explorer - is its comparative lack of customization. |
Wooly Rupert |
Posted - 17 Jan 2023 : 03:46:43 Perhaps a different browser? I don't otherwise advocate for Edge, but I've not had any issues using it with this site. |
Azar |
Posted - 17 Jan 2023 : 03:08:56 An "Incognito" window does the trick, but...I'd hate for this to be the only solution. |
Ashe Ravenheart |
Posted - 17 Jan 2023 : 02:28:09 Might just be you. I'm not having any problems. |
Azar |
Posted - 17 Jan 2023 : 02:23:40 Clearing all cookies also did not help. |
Azar |
Posted - 16 Jan 2023 : 16:36:23 I cannot enter "General Forgotten Realms Chat"; clicking on the hyperlink causes my browser's window to flash and...nothing else. Clearing Candlekeep cookies and signing back in did not do the trick. |
Alaundo |
Posted - 16 Jan 2023 : 11:04:39 Well met
This should now be resolved. Any remaining issues, try clearing cookies or using an incognito session. |
sleyvas |
Posted - 13 Jan 2023 : 16:30:42 quote: Originally posted by Alaundo
Well met
Don't panic. This is due to Candlekeep being granted a free SSL certificate last year, which has now expired. Due to the nature of this site, it's not really necessary to have a certificate. I'll get this addressed shortly.
Please forgive me my rant for a moment... it is not aimed at you Alaundo or this site.
{CrankyMode On}
I hate certs.... having to deal with this stuff in an internal corporate environment where noone pays attention to it and just clicks past it ... or worse someone puts some policy on all the systems so that they are no longer allowed to click past cert issues and then people forget that X application was added 5 years earlier and the cert needs to be updated before it expires. So, the cert expires, a major incident is stood up and 50 people get dragged on a call to whine about the application being broken. Then half of those whiners have no clue and try to armchair troubleshoot the issue, while the other half are all asking "who manages this app and why aren't THEY on this call?". Meanwhile, all it does is create some stupid job for usually the same guy that's pushing the requirement to get certs updated for the people that have no idea how to do it. Don't get me wrong, I can see why they might be needed in some instances (I don't want someone somehow getting my bank's DNS entries for themselves and setting up a fake site).... but ~90% of things don't need it.
{CrankyMode Off} |
Alaundo |
Posted - 13 Jan 2023 : 07:08:38 Well met
Don't panic. This is due to Candlekeep being granted a free SSL certificate last year, which has now expired. Due to the nature of this site, it's not really necessary to have a certificate. I'll get this addressed shortly. |
Ayrik |
Posted - 13 Jan 2023 : 06:59:11 I'm guessing that Candlekeep's host failed to renew some license or update or whatever. A fixable problem which will quickly be corrected. |
Wooly Rupert |
Posted - 13 Jan 2023 : 04:07:12 quote: Originally posted by Ashe Ravenheart
quote: Originally posted by Wooly Rupert
Got the message, myself. I'm about to ping Big Al.
I wonder if it has to do with the link to Paizo's announcement. I'm noticing it comes up especially if going to that scroll. Since Paizo's site is down, the link doesn't respond, and maybe site security can't verify everything's good.
I don't see how it could possibly be related to that. The timing is mere coincidence.
I'm getting the same message when I hit the "Active Topics" link to see new posts.
Expanding on the error, it says the security certificate expired in the last day. I should expect that Big Al (or the host, depending on who owns the cert) just needs to renew it. |
Ashe Ravenheart |
Posted - 13 Jan 2023 : 02:20:49 quote: Originally posted by Wooly Rupert
Got the message, myself. I'm about to ping Big Al.
I wonder if it has to do with the link to Paizo's announcement. I'm noticing it comes up especially if going to that scroll. Since Paizo's site is down, the link doesn't respond, and maybe site security can't verify everything's good. |
Wooly Rupert |
Posted - 13 Jan 2023 : 01:55:36 Got the message, myself. I'm about to ping Big Al. |
Blademaster |
Posted - 13 Jan 2023 : 01:37:07 Yes, I just go the same message when I logged in this evening. |