Sign in to follow this  
Trulyvintage

Security certificate for website is expired ?

Recommended Posts

Whoever monitors this website - it appears the security certificate has expired.

 

That means if you are doing a google search & don’t have “ cookies “ stored

in your browser for this site - you will automatically redirected away.

 

 

Jim

Share this post


Link to post
Share on other sites

Looks different from my browser. Two things:

  1. There is no auto redirect from http to https which there ought to be.
  2. When I try https I get a security issue for host name mismatch. The cert is for *.cloudfront.net while the site is forums.aaca.org

I've always accessed the site using http so I hadn't noticed this before. But https, if configured properly, would be much better. The admin should resolve the certificate issue and then set the server to auto redirect any http traffic to https.

Share this post


Link to post
Share on other sites
10 hours ago, Trulyvintage said:

Whoever monitors this website - it appears the security certificate has expired.

 

That means if you are doing a google search & don’t have “ cookies “ stored

in your browser for this site - you will automatically redirected away.

 

 

Jim

 

Jim,

 

You may want to post this type of query in the Forum Software Questions / Problems topic on the forum index menu page.  In the meantime I reported it to the moderators.

 

Regards,

 

Peter J.

Share this post


Link to post
Share on other sites

Are you referring to the "Not a secure website" that pops up when we log on? Because I'm basically computer illiterate, should I be concerned?

Share this post


Link to post
Share on other sites
54 minutes ago, 46 woodie said:

Are you referring to the "Not a secure website" that pops up when we log on? Because I'm basically computer illiterate, should I be concerned?

 

Generally you should be concerned anytime you get a warning like that: It means that the website is either misconfigured (as in this case) or is being spoofed by someone else.

 

If spoofed then you could be exposing your account information to nefarious entities. So the general rule of thumb is to immediately close any browser window that gives you that type of pop up. I guess the exception to the rule would be that if you are computer security savvy enough to determine the exact cause of the pop up and decide that an individual case is okay. If you are asking this question then you probably aren't computer savvy enough to properly investigate the cause to determine it is safe.

Share this post


Link to post
Share on other sites

Oh, Google Chrome has been reporting this website as Not Secure for a while on my computers......

 

I didn't know the stuff I post for all the world to read should be secure.

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, Frank DuVal said:

Oh, Google Chrome has been reporting this website as Not Secure for a while on my computers......

 

I didn't know the stuff I post for all the world to read should be secure.

Same for me...

Share this post


Link to post
Share on other sites
2 hours ago, Frank DuVal said:

Oh, Google Chrome has been reporting this website as Not Secure for a while on my computers......

 

I didn't know the stuff I post for all the world to read should be secure.

 

More to the point: Your account/login information for this website should be securely transmitted between your computer and the website. Especially as so may people re-use passwords, etc.

Share this post


Link to post
Share on other sites

So ....

 

My website has been active since 20006 - this has never been issue.

 

I would think if someone who was doing a search & was warned not to

visit this site because the security certificate has expired - might not visit.

 

Has the security certificate for this website actually expired ?

 

If so - then why ?

 

Jim

Share this post


Link to post
Share on other sites
1 hour ago, Trulyvintage said:

So ....

 

My website has been active since 20006 - this has never been issue.

 

I would think if someone who was doing a search & was warned not to

visit this site because the security certificate has expired - might not visit.

 

Has the security certificate for this website actually expired ?

 

If so - then why ?

 

Jim

I was having the same issue with some sites.  This may sound stupid, but have you checked your computer's date/time ?

 

Turns out that whenever I shutoff the power bar to my computer, it would not store the current date/time. When I rebooted the next day it would start up as usual, but  defaulted back to the date years earlier  when I bought it. Those numbers are very small down in the corner of the screen, and having a wall clock, I never look at them. So, it would gave me those certificate warnings when I'd go to some websites.  I learned to reset the date/time and no more certificate issues.

 

Paul

Share this post


Link to post
Share on other sites
5 hours ago, Trulyvintage said:

So ....

 

My website has been active since 20006 - this has never been issue.

 

I would think if someone who was doing a search & was warned not to

visit this site because the security certificate has expired - might not visit.

 

Has the security certificate for this website actually expired ?

 

If so - then why ?

 

Jim

 

I assume that is 2006. :)

 

As a push toward "https everywhere" major search engines, including Google, are now using the https vs http in ranking search results. So sites that use https will be listed first. Anyway, my personal old car website has been up since 1999 and I noticed it dropping on many search results ranking. I recently changed over to forcing https on connections and I see that at least some of my pages are ranked higher.

 

The AACA forum is apparently using CloudFront and I am not quite sure how https certificates work with that, but for a stand alone web site or even sites that are hosted using a lot of virtual server software it is pretty easy to setup https with Lets Encrypt.

  • Like 1

Share this post


Link to post
Share on other sites
12 hours ago, ply33 said:

 

More to the point: Your account/login information for this website should be securely transmitted between your computer and the website.

 

 

So what does the average non-computer techie do to fix this?

 

Everyone just stop using the site and let the moderators wonder where everybody went?  Similar to the first Twilight Zone episode.?

Edited by Frank DuVal (see edit history)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this