Deadly Cupcakes
General Category => Welcome to Deadly Cupcakes! => Topic started by: **andius on November 17, 2017, 03:21:20 PM
-
I get the message:
Everything should now be set up to use SSL. To join the future of 1999, please use https://deadlycupcakes.org/forums/ in your bookmarks instead of http.
So I got the https://deadlycupcakes.org/forums/ version of the site and login but when I login the message returns and Chrome tells me the site is Not secure
-
What URL do you end up at after login? Do you do the quick login at the top-right or click "Login" on the lower row ("Home Help Search Login Register)?
If you see a page that's Not Secure, you can usually just change http to https in the URL and get to the same page. There are still a few links that come standard in SMF that assume http, so with your help, I can try to track it down.
-
Looks like https://deadlycupcakes.org/forums/ does not use the SSL cert, but https://www.deadlycupcakes.org/forums/ does. Dammit.
For now, if you add www. in front of deadlycupcakes.org in your URLs, that will use SSL with the cert.
-
Thank you adding the ww fixed it, I see you also changed the address in the "news"parts too :)
-
I will try to figure out why our cert is bound to www, not *. Sorry about that!
-
The cert seems fine, with deadlycupcakes.org and www.deadlycupcakes.org DNS SANs, and it is presented for the main connection when you visit https://deadlycupcakes.org/forums. However, the content at that URL contains a mix of https:// and http:// links; in particular, the form submission actions for the login and search boxes are insecure, which causes Chrome to consider the connection not fully secure. The content at https://www.deadlycupcakes.org/forums contains far fewer http:// links.
-
The cert seems fine, with deadlycupcakes.org and www.deadlycupcakes.org DNS SANs, and it is presented for the main connection when you visit https://deadlycupcakes.org/forums. However, the content at that URL contains a mix of https:// and http:// links; in particular, the form submission actions for the login and search boxes are insecure, which causes Chrome to consider the connection not fully secure. The content at https://www.deadlycupcakes.org/forums contains far fewer http:// links.
Thanks, Marco! I see a similar issue whenever certain linked avatars or gifs people post from http:// sources.
Since I'm not sure if any modifications I make to the login form on the home page will survive a software update (and a hint of laziness), please click Login on the top bar to login rather than the default form to ensure you are logging in with SSL.