I am currently having HTTPS warnings when accessing dolphin-emu.org and forums.dolphin-emu.org because the common names don't match. Looks like the certs are for AlwaysData instead of dolphin-emu.org. Am I the only one getting this?
HTTPS issue with the main site and forum
|
04-06-2016, 10:29 AM
![]() ISSUE NOT RESOLVED!!! I just had the same thing happen to me, and the only browser that works that I've tested (which is many) is a portable legacy opera browser (which I have to enable ssl3). Please fix this issue because I rather use the latest chrome or Firefox, TY. I can't visit anything from this site, forum main-page and all. I even enabled tls fall-back and everything I found from a wild-goose-chase trying to fix this problem. I can ping this site and view through a proxy site though... 04-06-2016, 03:02 PM
I get "connection interrupted" errors about 50% of the time when trying to load the site, but it works if I reload the page. This problem didn't occur in the past, so I'm not sure what's changed.
04-06-2016, 09:26 PM
@zackoftrades333: well, this isn't possible as SSLv3 is disabled server-side. So it sounds like there is something wrong on your end… perhaps a transparent proxy, a firewall or something else is tampering with HTTPS connections?
However, there is something wrong with the server according to ssllabs.com: it's reportedly vulnerable to the DROWN attack. 04-07-2016, 03:24 AM
I'll get that error half the time if I'm in an SSH tunnel only on Firefox. Never on Chrome. Refreshing a couple times usually works
04-09-2016, 12:02 AM
I suffer the error constantly. I'm using just the common Firefox without firewalls or anything weird.
04-09-2016, 01:55 AM
Are you getting the common name mismatch or something else? If it's not the CN issue, I think it may be more appropriate to create another thread.
Hi. I noticed someone was running the SSL Labs test on forums.dolphin-emu.org. It appears you need to revoke your certificate, generate a brand new RSA key, and obtain a new certificate; SSL Labs is giving your domain a grade of F for being vulnerable to the DROWN vulnerability; see https://www.ssllabs.com/ssltest/analyze....in-emu.org
Also, Google Chrome also indicates mixed content on this specific page due in part to the embedded image being loaded from regular http; if the user or a moderator edit the http to https it should be fixed; the image host supports HTTPS. 04-09-2016, 12:42 PM
(04-06-2016, 09:26 PM)leolam Wrote: @zackoftrades333: well, this isn't possible as SSLv3 is disabled server-side. So it sounds like there is something wrong on your end… perhaps a transparent proxy, a firewall or something else is tampering with HTTPS connections? Don't know what to tell ya ![]() Also, it seems that the ssl3 thing doesn't seem to happen on all pages of the site now. But when it does, this happens if I don't enable it: ![]() That browser at least has an option to allow the mismatched domain and certificate problem previously mentioned, where if I use anything modern like the current opera, firefox, IE that comes w/ windows 8.1, or chrome, it always gives me a connection error with no options at all. Could this all be fixed if the host of the site just got a new certificate that actually matches the URL? ![]() |
« Next Oldest | Next Newest »
|
Users browsing this thread: 1 Guest(s)