SSL on all main dolphin-emu.org properties

**delroth** · (This post was last modified: 06-30-2013, 12:16 AM by delroth.)

Hi everyone,

Just a quick notice: today we bought a SSL certificate for *.dolphin-emu.org and enabled SSL on dolphin-emu.org (+ all localized versions of the website), forums.dolphin-emu.org and wiki.dolphin-emu.org. For most users, nothing should change, except that your login credentials are now more secure when you log in from an untrusted network. It also gives us devs a few more niceties (SSL->SSL referers are not stripped).

If you notice any problem due to this migration, please let me know here or by email (delroth@dolphin-emu.org).

We were able to spend the ~250€ to buy this certificate for 2 years thanks to the money we get from the ads here and on dolphin-emu.org. If you use AdBlock and you want to easily support the project, please disable AdBlock on dolphin-emu.org Smile

Thanks!

lamedude · 06-30-2013, 02:53 PM #2

How many ads do I have to click on to get signed Dolphin binaries؟

**delroth** · 06-30-2013, 08:07 PM #3

Are you talking about OSX? This might be possible actually - I'll look into it. No promises.

Scootaloo · (This post was last modified: 06-30-2013, 08:19 PM by Scootaloo.)

(06-30-2013, 12:14 AM)delroth Wrote: -snip-

You mean this?
[Image: fEtZj6i.png]

I guess it is nice to be more "secure", but if I only use one computer doesn't that mean it won't make a difference? I mean I'm not sure how many people actually use laptops and connect to here via public wifi or wherever.

**delroth** · 06-30-2013, 08:27 PM #5

Probably a lot more people than you imagine. And while "normal" users might not really care if their dolphin emu forums password is stolen (they should), devs and forum admins *do* care. It's never a bad thing to have SSL on a website.

TBH we mostly implemented SSL in order to get non-stripped SSL referers, which is extremely useful for us.

Scootaloo · 06-30-2013, 08:30 PM #6

(06-30-2013, 08:27 PM)delroth Wrote: Probably a lot more people than you imagine. And while "normal" users might not really care if their dolphin emu forums password is stolen (they should), devs and forum admins *do* care. It's never a bad thing to have SSL on a website.

Damn... I'm not trying to attack you or anything I was just asking a question. Sorry.

(06-30-2013, 08:27 PM)delroth Wrote: TBH we mostly implemented SSL in order to get non-stripped SSL referers, which is extremely useful for us.

Sorry, but I don't exactly know what that is. I'm guessing it has something to do with tracking something?

**Garteal** · 06-30-2013, 09:43 PM #7

Thank you delroth!

I visit the forum pretty often on school (from a public WiFi network) so it's nice to finally be able to login without having a huge target in my back.
One thing though, on the index page Firefox tells me everything is fine and dandy.
[Image: dolphin-ssl-secure2jszq.png]

When I'm in a thread however, it's only partially secured.
[Image: dolphin-ssl-notsecure73sir.png]

**delroth** · 06-30-2013, 10:01 PM #8

This is because some external resources are still loaded over HTTP, for example images in signatures. As long as no Javascript/CSS is loaded over HTTP, everything should still be secure - the worst thing someone could do is change an image. Can't do much about this - people are going to have http:// images in their signatures.

lamedude · 06-30-2013, 10:58 PM #9

I was talking about this.
[Image: dolphin.png]

It would be nice but pointless (Windows users are trained to ignore that stuff, its gets in the way of free iPods) if it said neobrain&friends instead. I don't use Mac so can't comment on Gatekeeper.

Scootaloo · 06-30-2013, 11:06 PM **#10**

(06-30-2013, 10:58 PM)lamedude Wrote: I was talking about this.

It would be nice but pointless (Windows users are trained to ignore that stuff, its gets in the way of free iPods) if it said neobrain&friends instead. I don't use Mac so can't comment on Gatekeeper.

Which is probably why it won't happen.