Recieved message: "This Connection is Untrusted"

Started by Rainsinger, February 13, 2010, 11:11:03 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Rainsinger

There's been a couple of times now while visiting the forums I've gotten the message "This Connection is Untrusted" and warning me of possible security issues.  Both times this has happened when I clicked a link to another page on the forums (for example, clicking a link to someone's "Absences" thread, listed in their signature), which opened in a new tab of my browser.

I'm not sure what this is about but thought it was rather odd.  I thought I'd mention it, just in case.  I'm using Firefox in Windows XP, if that makes a difference.

Vekseid

If you're using https, people's links in their sigs aren't forced to https, so it will break. SMF intentionally breaks attempts to get around this : /

Rainsinger

I'm not sure I fully understand that.  But I'm guessing that I can interpret this as saying it's just a mis-communication type of thing, and nothing to worry about.  (The browser having an internal mis-communication, that is.  Or however you want to put it.)  And sounds like you know what the problem is, so I won't worry about it.  :)

Vekseid

If you go to
https://elliquiy.com/forums/index.php?topic=60722.0
You'll go to the https (secure) version of Elliquiy. If you then click on a link in your sig it may tell you you are going back to the unsecure version : )

DrFier

It's because Veks is using someone else's encryption key. Since the key links back to them, your browser assumes that he's Spoofing their site, and trying to steal your identity.
Ons and Offs
Ideas
The Doctor is out.


Screen images simulated. Not an actual physician. Professional driver on a closed course, do not attempt. If you have an erection lasting more than four hours, contact your significant other.

Vekseid

...huh?

If you're seeing the wrong key, something is obviously seriously wrong. The certificate is for elliquiy.com as verified by Comodo.

DrFier

QuoteThe certificate is not trusted because the issuer certificate is unknown

I wasn't paying attention. I guess it's your issuer that doesn't seem to be valid.
Ons and Offs
Ideas
The Doctor is out.


Screen images simulated. Not an actual physician. Professional driver on a closed course, do not attempt. If you have an erection lasting more than four hours, contact your significant other.

Vekseid

Hm. It seems Opera as of 9.64 doesn't have the certificate as root.

Opera 10.5 does, however (just verified >_>). Would highly recommend moving to 10.5 if you use Opera anyway.

DrFier

Actually using Firefox 3.5.8, but I don't use https for E or care enough about an error message to go out of my way to fix it. I could add it to an exception list, but then I wont know if it fixes itself.
Ons and Offs
Ideas
The Doctor is out.


Screen images simulated. Not an actual physician. Professional driver on a closed course, do not attempt. If you have an erection lasting more than four hours, contact your significant other.

Vekseid

Hm. Not sure why you'd see that unless you deleted the root cert manually (which some people actually recommend doing as the verification process is known to be somewhat weak).

DrFier

Don't have any reason to do that because I rarely use sites that require HTTPS.
Ons and Offs
Ideas
The Doctor is out.


Screen images simulated. Not an actual physician. Professional driver on a closed course, do not attempt. If you have an erection lasting more than four hours, contact your significant other.

Vekseid

May just have to bite the bullet someday and lay out for a real cert : / Unfortunately this is light-years better than the previous one.

DrFier

I don't know how good of one is needed. How much effort is someone going to go to to steal our RPs XD.

Unless this affects donators too, that would be a different story.
Ons and Offs
Ideas
The Doctor is out.


Screen images simulated. Not an actual physician. Professional driver on a closed course, do not attempt. If you have an erection lasting more than four hours, contact your significant other.

Vekseid

Well, naturally would not want to bother with it for any site that didn't recoup the cost (anything but elliquiy.com), but it's certainly on the table for us, here.