Accessing the site from Firefox, I see htis:
milovana.com uses an invalid security certificate. The certificate does not come from a trusted source. Error code: MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED
which suggests the security certificate is not from a provider that issues decent ones (or is self-cert). These days most people get their free certs from letsencrypt. Will Milovana change it?
invalid certificate
-
- Curious Newbie
- Posts: 4
- Joined: Tue Jan 12, 2016 6:31 pm
- Gender: Male
- Sexual Orientation: Straight
- I am a: Switch
- Sissy Elise
- Explorer At Heart
- Posts: 307
- Joined: Sat Oct 10, 2015 1:52 pm
- Gender: Femboy
- Sexual Orientation: Open to new ideas!
- I am a: Submissive
- Dom/me(s): Miss Tress
Re: invalid certificate
Im not getting that error on firefox.
Although the cause looks to be the certificate being issued before 1st June 2016 (public certificate transparency logs date)
The current certificate has only got 1 month and 18 days left on it. So it will more than like be updated soon anyway.
Although the cause looks to be the certificate being issued before 1st June 2016 (public certificate transparency logs date)
The current certificate has only got 1 month and 18 days left on it. So it will more than like be updated soon anyway.
☰ TEASES VIDEOS GAMES ART
Latest Tease: Rock Paper Scissors - Visual Game
Latest vids: Sissy Trainer 22
Re: invalid certificate
I found an article where they states what can be an issue:Sissy Elise wrote: ↑Wed Apr 18, 2018 9:48 pm Im not getting that error on firefox.
Although the cause looks to be the certificate being issued before 1st June 2016 (public certificate transparency logs date)
The current certificate has only got 1 month and 18 days left on it. So it will more than like be updated soon anyway.
https://support.servertastic.com/announ ... rtificates
In case the cert was issued by Symantec (Symantec also issues certificates under the Geotrust, Thawte and RapidSSL brands.), browsers should have a restriction for certificates that were issued (including reissues) before 1 June 2016 with an expiry after 15 March 2018.
So even if the cert is technically valid, it can not be trusted, hence the error.
This update had been implemented on marc 12 and should be in effect from version 60, so if the firefox version is older than that, it won't say a thing.
(Like a blocked debit card that has an expiration date in the future, it technically not expired so you could buy things with it, but when it comes to paying the terminal will decline it.)
Re: invalid certificate
I strongly suggest to the devs to use this site for the new cert:
https://letsencrypt.org/
You can make a cert in minutes and with a small cron job it reissues itself.
https://letsencrypt.org/
You can make a cert in minutes and with a small cron job it reissues itself.
- DoxysTurtle
- Explorer At Heart
- Posts: 309
- Joined: Wed Oct 05, 2011 4:07 am
- Gender: Male
- Sexual Orientation: Straight
- I am a: Submissive
- Location: USA
- Contact:
Re: invalid certificate
Given there's a valid SHA256 cert from a traditional SSL provider (who's not about to be blacklisted), there's not a lot of reason for it to be switched over to LetsEncrypt.
Re: invalid certificate
Lets Encrypt is free and well supported with strong ciphers, its not a must but it would save costs for the site.
Re: invalid certificate
Valid != trusted and the current cert should be switched by now.DoxysTurtle wrote: ↑Thu Apr 19, 2018 3:49 pm Given there's a valid SHA256 cert from a traditional SSL provider (who's not about to be blacklisted), there's not a lot of reason for it to be switched over to LetsEncrypt.
https://security.googleblog.com/2017/09 ... antec.html
So we need a new cert that is for sure. Money can be an issue for a free site and rapid ssl aint free.
It starts at 59$, but if it's a wildcard cert, it's 249$.
While letsencryp is free, reliable (SHA256 RSA 2048, just like this one) and if you would just give a look to the "major sponsors and donors" section on the letsencrypt site, you would see, that it won't be blacklisted in the near future.
And do not get me wrong, I do not care were they get their cert, but they should get one asap. I just tried to offer a free alternative, if money is the reason behind the distrusted cert.
-
- Explorer At Heart
- Posts: 790
- Joined: Sun Jun 11, 2017 4:30 pm
- Gender: Male
- Sexual Orientation: Straight
- I am a: Switch
Re: invalid certificate
Use LetsEncrypt in combination with a cron task to automatically renew it each month.
If the devs have any questions regarding it, feel free to message me.
If the devs have any questions regarding it, feel free to message me.
Re: invalid certificate
Moved the site to Cloudflare. By doing that I'm basically making it so I don't have to worry about things like certificates in the future. It might also help with security thanks to some of their filtering. It's possible that the filtering causes some issues, since Milovana uses a lot of custom software. But we'll take it as it comes.
Who is online
Users browsing this forum: No registered users and 29 guests