Wrong site security certificate being used?


#1

When I first went to forum.juce.com, I got a security warning: see attached screenshot (with Chrome on Windows7). Looks like the certificate you’re using is a wildcard certificate for *.discourse.org instead of for *.juce.com.
Ignoring this works, but this should be fixed I guess.


#2

Update: the error is gone now, but the connection is now not over https any longer (so passwords are sent in plain text I assume).
I’ll assume someone is currently going through the hoops of adding a valid certificate to the forum site and will then turn on https again.


#3

Yes please!! HTTPS should be standard issue for forums.


#4

Yeah, the web team knows this of course. I think they were waiting for a certificate or something, but obviously will sort it out asap.


#5

I’m glad others also care about secure connections. A day ago - when the forum was in a read-only state - I contacted ROLI about this by email. They haven’t replied yet.

In essence I have reminded them of my step by step guide on how to achieve this by using letsencrypt. The great thing about this is that you don’t have to care about renewing a certificate anymore.

Https/SSL for free, step by step guide