Site certificate

[720_Jeff]

Site was down a few days ago for a bit of time.  After the site came back up, looks like the certificate that got installed, is an old one from last year, expiring last year.  

Not sure if anyone has noticed?

[MikeRL411]

Noticed, this has happened before, Site is client run and time creeps up on the owner.  Cash remittances are certainly appreciated NEE?

[john510]

The sites still messed up.

[Thomas]

17 hours ago, 720_Jeff said:

Site was down a few days ago for a bit of time.  After the site came back up, looks like the certificate that got installed, is an old one from last year, expiring last year.  

Not sure if anyone has noticed?

 

Yes, we had to switch hosts last-minute. I was told the new certificate should be automatically generated and installed once the domains were resolved to the new server. That should have happened so I'll check up.

 

1 hour ago, john510 said:

The sites still messed up.

 

I know the search bar is messed up but functional. That came from a software update as the forum software company is always changing the way they theme it. I'll fix it eventually, but it's not a high priority at the moment. Is there anything else funky besides that and the SSL certificate that people have noticed?

[Thomas]

I asked them to update the certificate manually, so it looks like that went through now! If anyone still sees "site not secure", try closing and re-opening the browser.

[datzenmike]

I've been without since Fri. Only just got on an hour ago, wasn't functioning at 7 this AM. Canada eh?

[Thomas]

3 hours ago, datzenmike said:

I've been without since Fri. Only just got on an hour ago, wasn't functioning at 7 this AM. Canada eh?

 

Yeah, probably when the SSL certificate kicked in. You could access before, but it depends if you decided to "proceed" anyway after security warning. Some browsers are more strict than others too. I found that Firefox only seemed to ask me once per session. 

[Chuck Most]

Tried to check in last night and again this morning. Glad it's back up and running. I'm not as active here as many others but I was bummed to think Ratsun might be down for good. 

[720_Jeff]

Awesome!  Yeah, my browsers were nagging me, especially if I tried to post.

 

Great site!  Always enjoy it!

 

jeff

[ratpatrol66]

On 7/4/2023 at 9:06 AM, john510 said:

The sites still messed up.

You just figured this out? 

[720_Jeff]

8 hours ago, johnyyy said:

It's concerning to hear that the site was down for a period of time and that an old certificate was installed after it came back up. This could potentially compromise the security of the site and the information of its users. It's important to contact the site's administrator or support team as soon as possible to report the issue and request that they update the certificate to ensure that the site is secure and functioning properly. It's always better to err on the side of caution when it comes to online security, so it's important that the site's team addresses this issue promptly.

These kinds of things, taking into account, the number of users, the kind of site and transactions happening on it, an old certificate still encrypts just like it always had.  If the keys are secure, risk is low, given the factors mentioned below.

What's at risk in a site like this?  User credentials and PM's.  Not much else comes to mind.  Best practices, User Credentials should be unique for every site/system one uses, so the risk now is, someone could impersonate a user.  Just doesn't seem this site is a likely target for bad actors

 

Honestly, just my own opinion while it's nice the site has a certificate, it really isn't absolutely necessary.  Of course, I don't know what is happening in PM's, if I had information to convey to another user on this site, I'd take the communication off this site and into something else, be it cell phone or just email.