Posted: 3/4/2016 6:55:33 PM EDT
|
I've been getting this message in my browsers - WTH is going on... this just started recently.
using this link as an example: (note: its not only this link, but a lot of images being posted on Arfcom) https://www.suitstv.net/wp-content/uploads/2015/08/sarah-rafferty-001.jpg left cold on purpose. Chrome (windows 7 and Ubuntu 15.10) Your connection is not private Attackers might be trying to steal your information from www.suitstv.net (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID Same URL in Firefox on Ubuntu: Your connection is not secure
The owner of www.suitstv.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. and this on IE (windows 7) Your connection is not secure The owner of www.suitstv.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. |
|
Their SSL certificate is for different URLs than the site. This could be due to laziness, incompetence, or a malicious attack
In this case I think it's laziness or incompetence since all the text and logos on suitstv.net say suitstv If the site looked like it was trying to make people think it was secure-secure.co.uk I'd say it was malicious from firefox's technical details when I tried the site www.suitstv.net uses an invalid security certificate. The certificate is only valid for the following names: *.secure-secure.co.uk, secure-secure.co.uk |
|
Someone is being lazy with configuration. "secure-secure.co.uk" doesn't even resolve, probably using a cert they shouldn't be using. Suitetv.net sounds like a fan site, so probably just an idiot. Just remove the "S" in HTTPS and enjoy the image. There is no reason for an image hosted third party (I assume you are working on an issue in the BOTD forum where you are a new mod?) image to be in HTTPS in a forum. It just causes headaches like this. People worried about content sniffing going on because they were in BOTD should stay the fuck out of BOTD. Yeah, the cert is screwed up, but so what? Also, whomever put the site online might not HAVE a cert or know the server responds to HTTPS at all, but the main server owner has a wildcard ("*") in the configuration for the IP address for a cert used elsewhere or that is just abandoned. Just remove the S and move on. |
|
Quoted:
Someone is being lazy with configuration. "secure-secure.co.uk" doesn't even resolve, probably using a cert they shouldn't be using. Suitetv.net sounds like a fan site, so probably just an idiot. Just remove the "S" in HTTPS and enjoy the image. There is no reason for an image hosted third party (I assume you are working on an issue in the BOTD forum where you are a new mod?) image to be in HTTPS in a forum. It just causes headaches like this. People worried about content sniffing going on because they were in BOTD should stay the fuck out of BOTD. Yeah, the cert is screwed up, but so what? Also, whomever put the site online might not HAVE a cert or know the server responds to HTTPS at all, but the main server owner has a wildcard ("*") in the configuration for the IP address for a cert used elsewhere or that is just abandoned. Just remove the S and move on. it's not isolated to BOTD and I am noticing it is related to https and yes removing the S does help in some cases. |