Forum Admin Forum

GW2

Active member
This is what I see using Edge. The site looks completely secure. I have FF on another one of my home computers. I will check it out later and provide the results.

1672182227403.png
1672182276004.png

1672182321788.png
 

FTL

Well-known member
I went to this site by Mozilla:


Put in my domain name and scanned it.

Got this as a response:

View attachment 279047

I think Mozilla doesn't recognize "Let's Encrypt" as a trusted source. If so, that's odd. It's a reliable NPO-based certificate issuer that loads of websites use.

I could be wrong but that is what I suspect...
Oh no, Firefox works fine with Let's Encrypt, it's not that. For the record, my site doesn't get an especially good score either (nerdzone.uk) but works fine in FF. It also uses LE.

The scan tool's message "This site uses an untrusted or invalid certificate" shouldn't be ignored and is why FF is reporting the site as insecure.
 
Last edited:

FTL

Well-known member
@GW2 Nothing wrong with that. However, if you're not familiar with Let's Encrypt, it's worth checking it out and seeing if it's for you.

Key features:
  • Completely free
  • Backed by the biggest names like Amazon, Microsoft and Oracle. Note that XF Cloud uses them for their clients too, so that's a reliable endorsement as well
  • Completely automated certificate installation and renewal. Basically, set it and forget it. Note the initial setup can vary in complexity though depending on the server you're using
  • All SSL certs expire after 3 months, making them more secure against hacking

EDIT

And then there's this. Oh dear...

 
Last edited:

MQK8

Active member
So, it appears something is amiss with Fire Fox.
I had the same exact problem, Chrome, Microsoft and all browsers showed site secure except for Fire Fox, I couldn't figure it out. So I simply revoked (deleted) the key in Cloudflare, created a new key in Origin in Cloudflare and updated the Certificate and Private key in my cpanel under the appropriate domain, and it's worked ever since. Worth a try maybe.
 

GW2

Active member
@GW2 Nothing wrong with that. However, if you're not familiar with Let's Encrypt, it's worth checking it out and seeing if it's for you.

Key features:
  • Completely free
  • Backed by the biggest names like Amazon, Microsoft and Oracle. Note that XF Cloud uses them for their clients too, so that's a reliable endorsement as well
  • Completely automated certificate installation and renewal. Basically, set it and forget it. Note the initial setup can vary in complexity though depending on the server you're using
  • All SSL certs expire after 3 months, making them more secure against hacking

EDIT

And then there's this. Oh dear...

Thank you for those tips regarding a free Let's Encrypt SSL certificate. In my case, $50 every 2 years for a paid Trustico SSL cert. is probably worth the cost as it saves our admins (mostly me) the time & effort needed to renew every 3 months. I renew and forget about it for 2 years. Of course after 2 years have passed, I have totally forgotten how to renew it. So, renewing every 3 months does have it's advantages. :)
 

FTL

Well-known member
Thank you for those tips regarding a free Let's Encrypt SSL certificate. In my case, $50 every 2 years for a paid Trustico SSL cert. is probably worth the cost as it saves our admins (mostly me) the time & effort needed to renew every 3 months. I renew and forget about it for 2 years. Of course after 2 years have passed, I have totally forgotten how to renew it. So, renewing every 3 months does have it's advantages. :)
Thing is, the renewal is fully automated, as per my post, so that's not an issue. Do have a look at the website and see what you think of it.

I've read again that article and while it does make some good points, I don't think it's enough not to use it. I haven't seen any other articles warning of the risks of LE and since XF uses it in their cloud installations, I'm pretty sure it's ok.
 

GW2

Active member
Thing is, the renewal is fully automated, as per my post, so that's not an issue. Do have a look at the website and see what you think of it.

I've read again that article and while it does make some good points, I don't think it's enough not to use it. I haven't seen any other articles warning of the risks of LE and since XF uses it in their cloud installations, I'm pretty sure it's ok.
Thanks for that info. I will look into it.
 

Tracy Perry

Well-known member
Here is what I see using Fire Fox:
View attachment 279048
And this:


View attachment 279049

So, it appears something is amiss with Fire Fox.
Not necessarily... if the site is not using an image proxy, and is serving images linked directly to a non-secure website... this would be a normal issue to show up. It can also happen if whomever set the site up has linked to a non-secure image and there is no automated re-write in place.
 
Top