Help - Search - Members - Calendar
Full Version: certificate
FightBack Forums > Pepipoo > Website Design
<h1 class="title">Your connection is not secure
</h1><h1 class="title">"The owner of has configured their web site improperly. To protect your information from being stolen, Firefox has not connected to this web site."</h1>

<h1 class="title">"How to troubleshoot the error code "SEC_ERROR_UNKNOWN_ISSUER" on secure websites</h1> On websites which are supposed to be secure (the URL begins with "https://"), Firefox must verify that the certificate presented by the website is valid. If the certificate cannot be validated, Firefox will stop the connection to the website and show a "Your connection is not secure" error message instead. This article explains why you might see the error code "SEC_ERROR_UNKNOWN_ISSUER" on websites and how to troubleshoot it."

The Rookie
Suspect they are trying to connect using HTTPS. It seems the "" SSL certificate expired in 2009!
I don't use Firefox but, out of curiosity, I opened it and accessed Pepipoo there with no difficulty at all.

Came up in the same way as it does on other browsers.
QUOTE (BaggieBoy @ Wed, 26 Apr 2017 - 15:13) *
Suspect they are trying to connect using HTTPS.

Actually the opposite - (modern) browsers warn when HTTPS is not being used. See here.

Chrome warns the same - 'Your connection to this site is not secure'. And is quite correct.

There is an outside chance of information being transported in plaintext being intercepted but this isn't your online bank...
I'm sure Cacert and other free issuing authorities are recognised now as being a valid issuer - so SSL certificates are free.
Pete P
Chrome and Firefox now explicitly warn that the login page is insecure as username and password are sent in plain text. Any chance of HTTPS guys? It's 2017, and SSL certificates are free and easy to install.
Pete P
When is pepipoo going to move to HTTPS? I see there is a certificate for (doesn't cover but it expired 8 years ago. The major web browsers now give explicit warnings when web pages are serving form fields over HTTP and Firefox puts a very obtrusive warning underneath login boxes.

It's 2018, all sites should be using HTTPS only. You can do it for free now with Let's Encrypt, but even the commercial CA's don't charge much for a basic multi domain certificate. I am a web host myself and I offer it for free to all my customers.
What exactly would we be securing?
QUOTE (southpaw82 @ Mon, 29 Jan 2018 - 01:01) *
What exactly would we be securing?

Logins and Passwords --
Hi - I've just registered today (thank you for being here...!).

I want to share with you that when clicking on the password field and email field on the registration form a warning appeared in my address bar: "Website Not Secure".
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2019 Invision Power Services, Inc.