SSL Cert (Improved Security)

[Dan]

I'm adding an SSL cert to the site in order to boost our security profile a bit.   You may notice some "strangeness" with the forum and cookies while this happens. You will possibly have to reauthenticate after the upgrade is complete.   

It should be done by tomorrow sometime.

Thanks for your understanding.

[Dan]

Well, that didn't take as long as I had anticipated.     SSL Cert is now active. 

Everyone will be redirected to the secure version of the site in order to make sure things like bookmarked non-https links still go to the proper place.

Please let me know if you run into any issues. 

Thanks.

[jeff3163]

    Looks good to me.  I now see an "https" and a picture of a padlock by it.   

Thanks.
 

[Doug]

Thanks Dan, not seeing any issues here.

D

[Bradallen43]

Thank you Dan! I'm also seeing the https:// and a padlock showing.

[stiletto2]

Thanks, Dan!  Looks good to me.

Rod

[corbu1]

Thank you, Dan!

[dexthom]

Thanks Dan,  My security gidgets are now happy...   

[dexthom]

I notice that the Forums show as secure but the other tabs, HOME etc. do not.  Is that something that we
have to change?

[Dan]

The cert only applies to the forum (forum.mistymoorings.com).   There is no need for a cert on the static website (return.mistymoorings.com) because there is no authentication taking place on that side of things.  Your forum credentials are not used on the static website, they are separate domains.

[dexthom]

Very good.   

[Dan]

I'm in the process of implementing an SSL certificate on the static site as well (return.mistymoorings.com), there may be some intermittent issues while it is completed.

Update: the forced-https rule is in effect, but for some reason the cert is taking a long time to go through, resulting in a security "warning" on the main site.    Rest assured, the site is completely safe, it's just trying to use an SSL cert that isn't quite there yet.   

[Doug]

Thanks Dan ... appreciate the special effort.

D

[Dan]

I've manually removed the rewrite rule for forcing https connections for now on the static site, but if your browser is cached, you may still see it yelling scary "this site is trying to steal your information!" types of messages .. I'm working with support to see what is going on with the SSL cert order, and why it hasn't processed yet.

In the meantime, if you're getting the errors, you can just clear your browser cache and you should be good.

[Dan]

Annnnnd, complete.  Everything should be back to normal.   Both the static site and the forum now both have SSL certs.    Happy little padlocks for your browser address bars.  Now I need some bourbon.