Join us on Discord!
You can help CodeWalrus stay online by donating here.

Forced https? ???

Started by Dream of Omnimaga, July 24, 2015, 08:33:25 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Adriweb

Quote from: DJ Omnimaga on July 25, 2015, 05:55:34 PM
I don't exactly remember what it was, but it was about untrusted certificate and it asked me to accept it. I have the same problem on many other HTTPS website (eg TVA Nouvelles).
Hmm, so this phone (or at least that old OS on the phone) somehow doesn't know/trust StartSSL (the signing authority)...
I guess it's ok with a bit more recent OSes, with updated trust stores...
  • Calculators owned: TI-Nspire CX CAS, TI-Nspire CX, TI-Nspire CAS (x3), TI-Nspire (x2), TI-Nspire CM-C CAS, TI-Nspire CAS+, TI-80, TI-82 Stats.fr, TI-82 Plus, TI-83 Plus, TI-83 Plus.fr USB, TI-84+, TI-84+ Pocket SE, TI-84+ C Silver Edition, TI-84 Plus CE, TI-89 Titanium, TI-86, TI-Voyage 200, TI-Collège Plus, TI-Collège Plus Solaire, 3 HP, some Casios
Co-founder & co-administrator of TI-Planet and Inspired-Lua

Dream of Omnimaga

Yeah that could explain it. Thankfully, the site still works. I guess it might just be a bit annoying for certain users or scary for technology-illiterate users to have such warning.
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

novenary

Ah yeah, StartSSL. They're not trusted by everyone, or at least not until recently.

Lionel Debroux

Few browsers trusted CACert by default, but StartSSL has been well supported by the mainstream browsers for years.
It's heart-breaking for users that manufacturers are so careless about updating devices :(
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TIEmu and TILP.
Co-admin of TI-Planet.

Dream of Omnimaga

#19
What is strange is that back in the days, certain certificates seemed trusted by almost every browser, old or new. Even older versions of IE seemed to have no issue displaying such site, aside from a warning about how we are about to enter a secured connection, which we could disable. I am bettering that those certificates were the ones that costed several hundreds of dollars, though. I myself would never pay this much for a certificate unless I was really serious about a website. Not that I am not serious about CW, but it only averages at 4000 page views a day and doesn't even have a shop (it used to, but it was external).


EDIT: Also, the Facebook sharing doesn't work by default on HTTPS now. It says content was blocked. The FB button at the top of the page works, but not the one in the first post of each topic.
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

Unicorn

So I read up on the web browser, and it has support for SSL, and a clouple of other things..
  • Calculators owned: I own all of them: PICKACHUP TI 84+ CSE TI 83+ SE TI something something ??? ??? ??? ??? ???
  • Consoles, mobile devices and vintage computers owned: PICKACHUP ??? ??? ??? ??? ???



??? ??? ??? ??? ???

Lionel Debroux

The Startcom Class 1 certificate is for no fee, and the Class 2 certificate, with wildcard support, was only $30 a year when we bought one for TI-Planet + Inspired-Lua, which is far better than the other CAs.
The Let's Encrypt initiative from Mozilla, the EFF and friends, which is supposed to produce its first certificate next week and become available for the general public in September, will change the cards in the CA business, at long last.
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TIEmu and TILP.
Co-admin of TI-Planet.

Dream of Omnimaga

Hm interesting. Ideally we would prefer to use free certificates since Juju can't even afford to pay CW hosting right now (I pay most of it ATM).
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

Snektron

#23
Quote from: DJ Omnimaga on July 26, 2015, 04:31:05 PM
Hm interesting. Ideally we would prefer to use free certificates since Juju can't even afford to pay CW hosting right now (I pay most of it ATM).

I still had like one dollar on the paypal account i never use (Since i need to make a minimum transaction of €25 to put money on it <_<) so i figured, why not give it?
Also since CW has a lot of Dutch members maybe it's worth adding iDeal as payment method?
  • Calculators owned: TI-84+
Legends say if you spam more than DJ Omnimaga, you will become a walrus...


Dream of Omnimaga

Is iDeals a Dutch-only thing? I could perhaps check if SMF has a plugin that adds support for it.
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

Yuki

Yeah, I enabled HSTS the other day. As Streetwalrus said, you still have access to HTTP, and since HSTS is fairly new, your old browser should not do the redirection since it don't know yet how to do that. And even on new browsers, it only works if you already went on HTTPS at least once since I activated it and there's a way in the settings (at least on Chrome, you may probably have to delete some cache file) to "forget" you already visited that site on HTTPS.

For the certificates, we use the ones at Namecheap, they're often free with a new domain name, otherwise they're real cheap, like $1.88 if I remember well. And they do the job. There's errors on Omnimaga and CodeWalrus, but it's because we serve HTTP content over HTTPS, which is quite normal for a server, I guess, and this error should be ignorable.
  • Calculators owned: TI-83+ (dead?), Casio Prizm (also dead???)
  • Consoles, mobile devices and vintage computers owned: A lot
Read Zarmina!
YUKI-CHAAAANNNN
In the beginning there was walrii. In the end there will be walrii. All hail our supreme leader :walrii: --Snektron

if you wanna throw money at me and/or CodeWalrus monthly it's here

Snektron

Quote from: DJ Omnimaga on July 27, 2015, 12:54:31 AM
Is iDeals a Dutch-only thing? I could perhaps check if SMF has a plugin that adds support for it.

Yeah i think it is. It's supported on many international platforms though
  • Calculators owned: TI-84+
Legends say if you spam more than DJ Omnimaga, you will become a walrus...


novenary

By the way, if you still want to use http, use http://http.codewalr.us or any other subdomain that doesn't already have a defined purpose.

Dream of Omnimaga

Lol I didn't know this worked. But then won't the url switch back to default site URL once clicking links?

Edit: it does x.x
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

novenary

Eh, didn't think of that. Nevermind then.

Powered by EzPortal