Dear Andrew and Martin, for the past few months my anti-virus has been complaining about your site certificate. Are you aware of this issue?
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for www.ultimateknicks.com. The certificate is only valid for the following names: *.adakie.com, adakie.com
Error code: SSL_ERROR_BAD_CERT_DOMAIN
Panos wrote:Dear Andrew and Martin, for the past few months my anti-virus has been complaining about your site certificate. Are you aware of this issue?Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for www.ultimateknicks.com. The certificate is only valid for the following names: *.adakie.com, adakie.com
Error code: SSL_ERROR_BAD_CERT_DOMAIN
Yes, thanks. I am working on a different solution.
Ok! Just checking! Feel free to delete thread!
They don't have an SSL certificate installed, meaning they don't have a third party vouching for them. They don't have the internet version of a driver's license. More and more stuff cares about that now.
It is somewhat silly to expect an SSL cert here though. There are no credit card details and no place for me to upload my Gallo pics. I think http://www.ultimateknicks.com is okay though.
I will say the one place it matters is with passwords. Your password is not encrypted at ultimateknicks.com. So, if you are reusing username, password info on different sites, like your email or at a bank, that could be a big problem for you. if it is not https://www.ultimateknicks.com, I can intercept the traffic and read it. If it is https://, I effectively get carded before I can actually read what's being sent through the interwebs
martin, andrew, please just install the SSL cert, redirect port 80 to 443, and then this all just goes away. Let's Encrypt offers FREE SSL certs, and there's an agent that automatically renew it for you so you do it once and never do it again... here's an example guide:
https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/
please guys, I do think this puts people that don't know any better at risk
SupremeCommander wrote:They don't have an SSL certificate installed, meaning they don't have a third party vouching for them. They don't have the internet version of a driver's license. More and more stuff cares about that now. It is somewhat silly to expect an SSL cert here though. There are no credit card details and no place for me to upload my Gallo pics. I think http://www.ultimateknicks.com is okay though.
I will say the one place it matters is with passwords. Your password is not encrypted at ultimateknicks.com. So, if you are reusing username, password info on different sites, like your email or at a bank, that could be a big problem for you. if it is not https://www.ultimateknicks.com, I can intercept the traffic and read it. If it is https://, I effectively get carded before I can actually read what's being sent through the interwebs
martin, andrew, please just install the SSL cert, redirect port 80 to 443, and then this all just goes away. Let's Encrypt offers FREE SSL certs, and there's an agent that automatically renew it for you so you do it once and never do it again... here's an example guide:
https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/
please guys, I do think this puts people that don't know any better at risk
100% and thank you for all of this, really good explanation.
Andrew and I have been caught up in life but I'm on it, been on my high level To-Do list for waaaaayyyy to long.
Also my security software tied to my mesh network when I use my ipad will not even let me log on. It is saying something about sharing unencrypted data from my ipad.
