The Canadian Guitar Forum banner
1 - 20 of 42 Posts

·
Registered
Joined
·
1,706 Posts
Discussion Starter · #1 ·
Has anyone else been getting this message? I have a hard time getting here as it not secure....has it been overrun by rebels? Rabid Squirrels?
I'm a bit concerned.
Even now, the https has a red slash through it with a "not secure" warning beside it.
 

·
Premium Member
Joined
·
1,206 Posts
3 other threads on this. SSL certificate (used for browser to/from site HTTPS encryption and site authentication) expired on Fri at 8pm. Site admins/owners nowhere to be seen and no way to contact them. Scott is the only one that might be able to contact them, I suspect he is working on it behind the scenes, but he almost certainly doesn't have the server admin access required to fix them and he almost certainly won't (and should not) be spending his own money on a renewal certificate (although, Lets Encrypt certificates are now widely accepted and are free, in case you're seeing this Scott and have server access).
 

·
Premium Member
Joined
·
12,980 Posts
SSL?



I appreciate that they are using high end gear, but maybe it's time to drag 2010 backwards through the door. :D
 
  • Like
Reactions: LexxM3

·
Registered
Joined
·
1,706 Posts
Discussion Starter · #5 ·
Ok..as long as i know its not my computer. I have been getting lots of weird things with my PC.
 

·
Registered
Joined
·
10,143 Posts
I got a msg that this is not a secure site! I won't be back until this site has been cleaned up!
 

·
Premium Member
Joined
·
1,155 Posts
I'm logging out. I had a strange conversation with a 'member' by PM over the last couple days, who was offering to sell me some gear. That, and the security certificate thing have my spidery senses tingling. Hope to be back soon when this certificate issue is sorted.
 

·
Premium Member
Joined
·
4,677 Posts
Same here. Could not access all day yesterday. Hope it gets sorted out and will wait for the 'all clear' signal before doing any business.
 

·
Premium Member
Joined
·
1,206 Posts
Fixed with a free 90 day Let's Entrypt certificate (the couple of warnings below are relatively minor issues and don't affect authentication and encryption for any modern browser):





 

·
Registered
Joined
·
18,584 Posts
Yes, I got the warning too. So, I simply did not log on. These days, it's best to be safe. I figured it was because they let the certificate run out but I was not going to take a chance. My computer security is more important to me than logging onto a non-secure site.
 

·
Registered
Joined
·
630 Posts
got it too, in bc,, glad i joined by sending cash thru snail mail, and I dont use my computer for $ transactions at all
 

·
Premium Member
Joined
·
1,206 Posts
While I am personally extremely unhappy with VerticalScope ignoring GC admin duties, there is almost zero chance that this particular certificate expiration issue put any interaction or data at any risk whatsoever. Certificates expire all the time, humans forget. It wasn't a breach or anything even slightly related to one.

Even if it had been a breach, while I don't know what payment processing GC and VS use, the reality is that no one (at this small scale) stores credit card data locally any more -- everyone uses a payment processing service that can't be subverted by hacking the local site.
 

·
Premium Member
Joined
·
18,899 Posts
While I am personally extremely unhappy with VerticalScope ignoring GC admin duties, there is almost zero chance that this particular certificate expiration issue put any interaction or data at any risk whatsoever.
And yet another giant "Thanks" to @LexxM3 for putting us at ease.

I left myself logged onto the GC Forum ...and then began to worry a bit today that there might be consequences.
 

·
Registered
Joined
·
10,143 Posts
They say, "sometimes a day will make a difference". 24 hrs later, it's still the same shit different day! This never happened when Scott was the king of court.
 

·
Administrator
Joined
·
17,335 Posts
Seems to be fine now.
 

·
Premium Member
Joined
·
1,206 Posts
That's not impossible. The way certificates work is a trust chain and the typical approach is for systems (such as browsers) to include a set of default top level trusted certificate authorities (CAs) as part of the install/update package. This default inclusion is the part that makes it seem seemless to normal users, until it doesn't. It is entirely possible that BB doesn't yet trust the DST Root CA which in turn authenticates Let's Encrypt CA. They should, but they don't. You might consider raising awareness with your IT and then, in turn, BB. Let's Encrypt is almost certainly the future.



Letsencrypt Support - BlackBerry Support Community Forums
 
1 - 20 of 42 Posts
Top