ACME fail

20 replies
3 attachments
Started >30d ago

site certificate just expired

[NL]

agh gay!


I would sign my own certs, but https is effectively under the control of a digital cartel so we have to deal with this stupid shit


Manjaro moment.


lol retard

[US-MD]

https://digdeeper.club/articles/static.xhtml#ssl

You do not need to rely on a certificate authority to support encrypted connections - you can generate the cert yourself. This has some advantages in that you don't have to rely on a third party that can go down at any time, or just be hacked and compromised by "cybercriminals". You can have stronger encryption than the maximum offered by acme / Let's Encrypt (8192 vs 4096). You can have your cert be valid for whatever length of time you want to, instead of the puny month or 3 months or whatever of LE; you will never be canceled, either. And finally you can fill the data with funny stuff like this:

self_signed_cert.png

Showing the 'View certificate' window in Pale Moon for my diggy.club self-signed cert, with 'Dig Deeper Team' listed as the issuing organization

Compare to a Let's Encrypt-assigned one:

lets_encrypt_cert.png

Showing the 'View certificate' window in Pale Moon for my digdeeper.club Let's Encrypt cert. The lack of fun stuff in the data is very obvious.

So what's the catch? Because there has to be one, right? There indeed is, and a very serious one. Namely that all mainstream browsers display a big scary warning when they encounter a self-signed cert. Like this:

cert_warning.png

Self-signed cert warning in Chrome-based browsers, claiming the connection is 'not private' and offering a way to 'get back to safety' by leaving the offending page

You can click Advanced and proceed to my site anyway, but every normie will retreat to his "safe" Google-shaped cage instead. So if you want any actual viewership, you can't rely on this at least unless you have another host with an "official" cert.
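The trust behaviour discussed in the post above, as an added example that is not part of the original post or thread: a self-signed cert is rejected by any trust store that does not contain it, accepted once it is explicitly pinned as an anchor, and can be monitored for upcoming expiry. It assumes the `openssl` CLI is on the PATH; the subject names, lifetimes and file names are constructed for the demo.

```shell
#!/bin/sh
# Added example; names, subject fields and lifetimes are constructed for the demo.

make_cert() {  # $1 = file prefix, $2 = validity in days, $3 = CN
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$2" \
        -subj "/O=Constructed Example/CN=$3" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Issuer and subject are the same name: no CA vouches for this cert.
is_self_issued() {
    [ "$(openssl x509 -in "$1" -noout -issuer_hash)" = \
      "$(openssl x509 -in "$1" -noout -subject_hash)" ]
}

# True only if the cert chains to a trust anchor in bundle $2.
trusted_by() {  # $1 = cert, $2 = PEM bundle of trust anchors
    openssl verify -CAfile "$2" "$1" 2>/dev/null | grep -q ': OK$'
}

# True if the cert expires within $2 days (what a renewal monitor alerts on).
expires_within_days() {  # $1 = cert, $2 = days
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    make_cert "$dir/site" 30 site.invalid
    make_cert "$dir/other" 30 other.invalid
    is_self_issued "$dir/site.crt" && echo "site.crt: self-issued"
    trusted_by "$dir/site.crt" "$dir/other.crt" || echo "unrelated trust store: rejected"
    trusted_by "$dir/site.crt" "$dir/site.crt" && echo "cert pinned as anchor: accepted"
    expires_within_days "$dir/site.crt" 45 && echo "expires within 45 days: renew"
    rm -rf "$dir"
}
demo
```

curl's `--cacert` option applies the same pinned-anchor check to a live connection.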


[SI]

It just doesn't want to work. Yet another Linux moment where things just break for reasons unknown


Ok, whatever. I'm going to use a self-signed cert and see how far this takes us then


>Someone could be trying to impersonate the site and you should not continue.

>Websites prove their identity via certificates. LibreWolf does not trust cy-x.net because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates.

>Error code: SEC_ERROR_UNKNOWN_ISSUER

admin@cy-x:~$ curl https://cy-x.net

>curl: (60) SSL certificate problem: unable to get local issuer certificate
>More details here: https://curl.se/docs/sslcerts.html
>curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it.
>To learn more about this situation and how to fix it, please visit the web page mentioned above.

>This Connection is Untrusted

>You have asked Pale Moon to connect securely to www.cy-x.net, but we can't confirm that your connection is secure.

>www.cy-x.net uses an invalid security certificate.
>The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported.
>(Error code: SEC_ERROR_UNKNOWN_ISSUER)

Fuck off! I'm not going to continue trying to mess around with this. I'm confident that everyone who actually uses this site on a weekly basis knows enough about technology to understand what a self-signed certificate is.


Fix the ssl you fucking retard
Replies: >>4115

[IS] [TOR]

>>4114
It is now self-signed.


Yeah no shit. HTTPS broke open web standards and should have never been allowed to happen.
>just let me beg some authority figure to hand over a key so the browser doesn't spook the end user into thinking my website is malware
Replies: >>4138

[DE] [TOR]

>Community: 7 connected
>(IRC: 3 | XMPP: 3 | Mumble: 1)
That used to say 40 connected.
grim


>>4116
>>just let me beg some authority figure to hand over a key so the browser doesn't spook the end user into thinking my website is malware
central authorities are dumb but there hasn't really been a huge effort to decentralize it. we just sit in this shit and roll around whining. it's also not that big of a problem, because the central authority just doesn't give a shit. letsencrypt might be a backdoor but it literally doesn't matter when 99% of people already have fifty backdoors on their machine anyway. admin just get acme.sh set up, it's not hard. self-sign your onion or something

anyhow the forum has a lot of shitty fake advertising bots now. yay


Fix this


Secure site not available
Most likely, the website simply does not support HTTPS.

However, it's also possible that an attacker is involved. If you continue to the website, you should not enter any sensitive info. If you continue, HTTPS-Only mode will be turned off temporarily for the site.
Replies: >>4140

[DE]

>>4139
just use http for now. admin is using a self-signed cert because autorenew fail


i'll solve this myself


fixed


>Community: 3 connected
>(IRC: 3 | XMPP: (offline) | Mumble: 0)
those are some really sexy stats
fuck you Let's Encrypt and your tiny expiration dates


Based rave is not a faggot


No love for 'stupid shit' any more than I love losing money to pay another company's lawyers.

[US-MI]
