1. DLP Flash Christmas Competition + Writing Marathon 2024!

    Competition topic: Magical New Year!

    Marathon goal? Crank out words!

    Check the marathon thread or competition thread for details.

    Dismiss Notice
  2. Hi there, Guest

    Only registered users can really experience what DLP has to offer. Many forums are only accessible if you have an account. Why don't you register?
    Dismiss Notice
  3. Introducing for your Perusing Pleasure

    New Thread Thursday
    +
    Shit Post Sunday

    READ ME
    Dismiss Notice

DLP cert failure

Discussion in 'Site Related Support' started by Admonkeystrator, Jan 20, 2011.

  1. Admonkeystrator

    Admonkeystrator Seventh Year

    Joined:
    Jul 19, 2008
    Messages:
    270
  2. Zennith

    Zennith Pebble Wrestler ~ Prestige ~

    Joined:
    Jun 21, 2009
    Messages:
    175
    Location:
    The Capitol
    High Score:
    1,928
    Try it with just Http, no S.
     
  3. Vir

    Vir Centauri Ambassador ~ Prestige ~ DLP Supporter

    Joined:
    May 21, 2006
    Messages:
    11
    Location:
    Canada
    High Score:
    1,907
    Click "proceed anyway" it'll let you into the site. The reason for it is that the security cert. is self-signed. It still works.
     
  4. KrzaQ

    KrzaQ Denarii Host DLP Supporter

    Joined:
    May 9, 2008
    Messages:
    1,404
    Location:
    Poland
    Tbh, it's a valid claim. A lot of users have no idea that all this cert lacks is identity information, and that it secures data transfer just fine.

    We could always use a free one, from StartCom.
     
  5. Xiph0

    Xiph0 Yoda Admin

    Joined:
    Dec 7, 2005
    Messages:
    9,498
    Gender:
    Male
    Location:
    West Bank
    There's a way of manually adding the cert from DLP as trusted, Raven walked me through it once, but I forget how now.
     
  6. Johnny Farrar

    Johnny Farrar High Inquisitor

    Joined:
    Mar 14, 2009
    Messages:
    521
    Location:
    In front of a Computer.
    If you're using firefox there is an option for permanently storing the exception for the security certificate as being trusted. Don't know how to do that with Chrome though.
     
  7. Alindrome

    Alindrome A bigger, darker mark DLP Supporter Retired Staff

    Joined:
    Apr 9, 2009
    Messages:
    2,771
    Gender:
    Female
    Location:
    England
    If you take a look at the certificate, it says the OU is the Office of Overlord Xion. :awesome
     
  8. Lord Ravenclaw

    Lord Ravenclaw DLP Overlord Admin DLP Supporter

    Joined:
    Apr 2, 2005
    Messages:
    4,372
    Location:
    Denver, CO
    I'm currently waiting on a specific webserver feature that I requested ages ago before I move DLP to a 'valid' (not self-signed) SSL cert. PatronusCharm and DLP/ProjectDLP all share the same IP. Unfortunately, you can only use one cert per IP. The initial SSL handshake doesn't even include the URL, it's only after certificates have been exchanged and an encrypted tunnel made that the HTTP Host header is sent to allow the server to respond to it.

    A technology has emerged in the last few years called TLS Server Name Indication, which allows the initial handshake between the browser to include a hostname (e.g. forums.darklordpotter.net) allowing one cert per host and relaxing the IP limit, so this way I can have a valid cert for the forums as well as PatronusCharm.


    After that I will probably get a cert through SoftLayer for $25/yr.

    If you want to learn a little more about SSL certs, I've distilled it here: http://blog.patronuscharm.net/2008/07/ssl-and-dlp-little-known-secret/


    Meh, fuck it. Why not? :D the forums already transmit a "use SSL plox" header read by Chrome, but only if it's valid. Might as well.