Topic 7885

InuTeisei
Exile
Post #1

Topic 7885

by InuTeisei » Sun Jul 25, 2010 5:15 pm

I went to login to my account on the clanlord portal and got a warning that there was something up with the certificate. Sure enough, a new certificate was issues on 7/19/2010 and is self signed. Needless to say I didn't sign in.

Sanitized details from Certificate issuer field:
E = dmchenry@<removed>.com
CN = deltatao.com
OU = Main
O = Deltatao
L = Citrus Heights
ST = CA
C = US

When will the site be up with a valid certificate?
Top
Jeanne
Exile
Post #2

Topic 7885

by Jeanne » Sun Jul 25, 2010 8:13 pm

What's wrong with that certificate?
Top
noivad
Exile
Post #3

Topic 7885

by noivad » Mon Jul 26, 2010 9:20 am

Jeanne wrote:What's wrong with that certificate?
It's self signed. and thus, not to be trusted. Certs aren't that expensive. I think someone posted a link to cheap and valid certs. Could someone with that info chime in and maybe send Eldon a message?
Top
Joedelta
Exile
Post #4

Topic 7885

by Joedelta » Tue Jul 27, 2010 6:24 am

Better now?
Top
Skirwan
Exile
Post #5

Topic 7885

by Skirwan » Tue Jul 27, 2010 7:16 am

Joedelta wrote:Better now?
Looks like you got a non-wildcard cert -- it matches to deltatao.com but not www.deltatao.com. You should add a redirect to remove the www when using SSL.
Top
rios dearg
Exile
Post #6

Topic 7885

by rios dearg » Tue Jul 27, 2010 12:44 pm

Joedelta wrote:Better now?
Joe posted! He reads!
:D
Top
Aldernon
Exile
Post #7

Topic 7885

by Aldernon » Fri Jul 30, 2010 10:02 am

noivad wrote:
Jeanne wrote:What's wrong with that certificate?
It's self signed. and thus, not to be trusted. Certs aren't that expensive. I think someone posted a link to cheap and valid certs. Could someone with that info chime in and maybe send Eldon a message?
Do people really feel this way about all SSL certs?

I've only ever bowed to, what I see as the extortion of the CA's, when adding a cert to my company's secure web server. I still use self-signed certs for my ssl ftp server and my ssl vpn device(s).

I'm honestly curious what peoples views are on this...the only place I can see it as useful is for http(s) traffic.
Top
noivad
Exile
Post #8

Topic 7885

by noivad » Fri Jul 30, 2010 11:08 am

Aldernon wrote:
noivad wrote:
Jeanne wrote:What's wrong with that certificate?
It's self signed. and thus, not to be trusted. Certs aren't that expensive. I think someone posted a link to cheap and valid certs. Could someone with that info chime in and maybe send Eldon a message?
Do people really feel this way about all SSL certs?

I've only ever bowed to, what I see as the extortion of the CA's, when adding a cert to my company's secure web server. I still use self-signed certs for my ssl ftp server and my ssl vpn device(s).

I'm honestly curious what peoples views are on this...the only place I can see it as useful is for http(s) traffic.
Well a self signed certificate isn't worth the bits it is imprinted in. As long as people know you self signed for an FTP or other non-web site, and that there's a chance this info could be faked, then go ahead.
Top
Shadowfire
Exile
Post #9

Topic 7885

by Shadowfire » Fri Jul 30, 2010 4:32 pm

20 bucks says a GM linked him the thread and that he doesn't read the Sentinel otherwise. 8)
Top
Skirwan
Exile
Post #10

Topic 7885

by Skirwan » Fri Jul 30, 2010 10:44 pm

I wouldn't provide any billing info to a site with a self-signed certificate.

Particularly after that whole 'hello worldy' thing that happened to deltatao.com 5/6 months ago, whatever that was.
Top