Hosting issue

Discuss text adventures here! The classics like those from Infocom, Magnetic Scrolls, Adventure International and Level 9 and the ones we're making today.

Moderators: AArdvark, Ice Cream Jonsey

User avatar
Ice Cream Jonsey
Posts: 28877
Joined: Sat Apr 27, 2002 2:44 pm
Location: Colorado
Contact:

Hosting issue

Post by Ice Cream Jonsey »

Do you guys know what side is fucking up for an error like this?
Your connection is not private
Attackers might be trying to steal your information from www.trottingkrips.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID

Help improve Safe Browsing by sending some system information and page content to Google. Privacy policy
This server could not prove that it is www.trottingkrips.com; its security certificate is from shortener.secureserver.net. This may be caused by a misconfiguration or an attacker intercepting your connection.

Proceed to www.trottingkrips.com (unsafe)
I am using SoonerDomains for the domain only. Dreamhost for the actual content.

I get it trying to go to https://www.trottingkrips.com. Just going to http://www.trottingkrips.com works with no errors.
the dark and gritty...Ice Cream Jonsey!

User avatar
pinback
Posts: 17672
Joined: Sat Apr 27, 2002 3:00 pm
Contact:

Re: Hosting issue

Post by pinback »

The SSL cert is for "shortener.secureserver.net", not trottingkrips.com. Do you have the abililty to install a correct cert?
I don't have to say anything. I'm a doctor, too.

User avatar
pinback
Posts: 17672
Joined: Sat Apr 27, 2002 3:00 pm
Contact:

Re: Hosting issue

Post by pinback »

"trottingkrips.com" points to 184.168.131.241, which is shortener.secureserver.net. I dunno how shortener works, and why you can still get the trottingkrips website when you go there, but that's why there's a mismatch with the SSL cert.
I don't have to say anything. I'm a doctor, too.

User avatar
Tdarcos
Posts: 9333
Joined: Fri May 16, 2008 9:25 am
Location: Arlington, Virginia
Contact:

Re: Hosting issue

Post by Tdarcos »

pinback wrote: Sun Sep 29, 2019 9:40 am but that's why there's a mismatch with the SSL cert.
Which also says something about inertia, HTTPS no longer uses SSL; it has been deprecated since 2015 by RFC 7568. It's an old dog and is vulnerable to POODLE attacks. It was replaced by TLS which has gone through several revisions to counter its vulnerabilities. In fact, anyone processing.credit cards can no longer use TLS 1.0 and has been required by PCI for more than 15 months to use at least TLS 1.1. Since several open source libraries support TLS 1.3 most systems are going that route.

This article explains how HTTPS works; it's just HTTP with some encryption bolted on. This is why I have said to Jonsey since he is holding an HTTPS certificate for Jolt Country he should modify at least the routine that calls the login page as well as that page to force HTTPS. At least with secure login no one can forge credentials although forcing all traffic to this webdite as HTTPS might be a good idea.
Alan Francis wrote a book containing everything men understand about women. It consisted of 100 blank pages.

User avatar
pinback
Posts: 17672
Joined: Sat Apr 27, 2002 3:00 pm
Contact:

Re: Hosting issue

Post by pinback »

Tdarcos wrote: Mon Sep 30, 2019 12:21 pm
pinback wrote: Sun Sep 29, 2019 9:40 am but that's why there's a mismatch with the SSL cert.
Which also says something about inertia, HTTPS no longer uses SSL;
Well yeah, but we still call them "SSL certs".

Nobody likes a pedant, Paul. Or a pedo. Anything beginning with "ped", just stay away.
I don't have to say anything. I'm a doctor, too.

User avatar
bryanb
Posts: 807
Joined: Sat Apr 06, 2019 2:56 pm

Re: Hosting issue

Post by bryanb »

pinback wrote: Mon Sep 30, 2019 1:10 pm Nobody likes a pedant, Paul. Or a pedo. Anything beginning with "ped", just stay away.
Like "pedestrian." Knuckles found out the hard way that nobody likes a pedestrian :sad:.

Could the cert issue possibly have something to do with the fact we're using domain masking? That's not a question coming from any deep knowledge, but one guy on the Internet did once say "with a little research I've discovered that domain masking actually breaks SSL encryption" which is a fairly dramatic statement. Admittedly, I've been on a campaign to get Jonsey to turn off domain masking for months now so my motives here are absolutely suspect.

Still, pretty much every site issue we've had up to this point has been caused by either (1) me copying and pasting the wrong code snippet into a PHP file, (2) me getting the "WordPress Address" and the "Site Address" confused, or (3) domain masking. So, if it's not domain masking, it's probably my fault.

Post Reply