Jump to content
Tuts 4 You

SSL Support


Aguila

Recommended Posts

Teddy Rogers

This was something I had considered doing some years ago but with SSL "broken" and certificate authorities not wholly "honest" I decided it wasn't worth the hassle or expense for what little gain. I contemplated using a self-signed certificate and had one running in the background for a little while but decided against having it running live as most people get confused and put off viewing sites when they see a big scary warning about a broken/unknown security certificate in their browser.


 


Only recently the latest RHEL now comes with an updated version of OpenSSL which has support for TLS1.2 so if I get some time I may revisit adding a security certificate with PFS. However it's currently at the low end of priorities for now. I will keep you posted on any developments though...


 


Ted.


Link to comment
Share on other sites

  • 1 month later...

I have installed a new security certificate which is now active for secure connections during signing in and during creation of a new user account. The certificate supports TLS1.2.


 


Please let me know if there are any problems...


 


Ted.


Link to comment
Share on other sites

Yes, that is normal for the way the board is currently configured, for it to default back to none secure pages after you click on a link. IPB by default only allows for SSL to be used during signing in and during registering of a new account but not full encryption throughout the board. There is a workaround method to enable full encryption across the board but I have yet to find out why - when enabled - not all page content is encrypted...


 


Ted.


Link to comment
Share on other sites

Something changed, now clicking on links keeps "https" - thanks a lot! :)

Signatures (like your own) & other images linked to 3rd party servers will cause "page includes resources which are not secure" warning in browsers - but there's not much you can do about that. ;) Apart from that, it looks like it's working perfectly.

Link to comment
Share on other sites

I fixed the issues with securing the default board configuration from fully encrypting the page so I enabled it completely across the board. Unfortunately, and as you have mentioned, there is nothing I can do about links to external images in signatures and such like...


 


Ted.


Link to comment
Share on other sites

  • 3 months later...
Teddy Rogers

The server already redirects to the none www links and has done for nearly as long as the site has been running. No one should be using www links, even search engines...


 


Ted.


Link to comment
Share on other sites

www.tuts4you.com uses an invalid security certificate. The certificate is only valid for the following names: forum.tuts4you.com , tuts4you.com (Error code: ssl_error_bad_cert_domain)

Link to comment
Share on other sites

Teddy Rogers

That is correct, there should be a warning if you are accessing the site through a www link... :dunno:


 


Ted.


Link to comment
Share on other sites

Hi Ted,


 


short info: If I login now then it comes again any new style window and after login I press on my messenger icon to let open the tab but there it hangs again endless.Now I need to refresh the page or open it in a new tab and then the messenger icon works again normaly.So maybe you remember that we talked already about the problem before a while so now its the same problem again.Just only a info for you so I don't know what you have changed or updated now etc.


 


greetz


Link to comment
Share on other sites

Hi Ted,


 


ok I have checked my PMs with you and I told you about the same problem at 6. February this year and you answered me "...added a security ticket to the site so that all connections are encrypted" ...and then you said after... "I have changed some settings, and let me know if you experience the same symptoms..." and then the problems was away again but then you changed again any web settings and the problem was comming back and then you fixed it again. :) Anyway so just check our PM topic called "Improving Script Topics.."


 


Maybe its again any http / https issue so I try to test it so normaly my link does just use http to this forum.If enter this...


 


https://forum.tuts4you.com/ = same in browser to see after


if I enter this...


http://forum.tuts4you.com/ = forum.tuts4you.com/ to see only


 


greetz


Link to comment
Share on other sites

That is correct, there should be a warning if you are accessing the site through a www link... :dunno:

 

Ted.

So, some old links are supposed to have that warning. :)

  • Like 1
Link to comment
Share on other sites

  • 7 months later...

A new security certificate has been issued and I have removed RC4 from the list of supported cyphers...


 


Ted.


  • Like 1
Link to comment
Share on other sites

  • 1 year later...

The security certificate for the site has now been updated. I have also changed the certificate authority, it is no longer issued from StartSSL and is now being issued from cPanel (the OCSP is Comodo).

All StartSSL certificates issued after 21st October are no longer going to be trusted starting from Firefox 51 and Chrome 56. All StartSSL certificates issued after this date should not be trusted...

Ted.

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...