View Single Post
Old July 22nd, 2020, 10:31 AM
whartung whartung is offline
Citizen: SOC-14
Join Date: Nov 2004
Posts: 2,584
Gallery : 0
whartung Citizen+whartung Citizen+whartung Citizen+

Originally Posted by tjoneslo View Post
The second is certificate use to secure the "https" is out of date or not issued by a trusted issuer. There is a similar idea here about the feedback loop. There are a few free certificate issuers, but most cost $100+ per year to keep up-to-date, assuming your ISP allows the process to be automated.
Certificates also have a date range for which they are valid. It's routine in when developing with certificates, to make them have an "infinite" (i.e. 10 years+) shelf life -- one less thing to hassle with.

But modern browsers are now starting to flag those certificates that are more than a year old. The current pressure is that certificates should be renewed each year.

Let's Encrypt, a very popular free certificate provider, issues certificates that are valid for only 90 days, but also has procedures with example code and strongly encourages sites to auto renew.

Sooner or later Firefox and/or chrome will start to refuse to connect to these http site.
The browsers are kinder to sites with no certificate, than to sites with untrusted certificates. At least in Safari, you have to click through several dialogs and enter your password to enter a site with any kind of certificate problem.

This is a good thing.

But in the end, the browsers won't deny you to an HTTP site.
Reply With Quote