If you have a valid SSL certificate, why don't you use SSL...?

Liam W

Well-known member
I've noticed that the SSL certificate attached to xenforo.com is valid and working, but you don't seem to be redirecting to SSL?

I think you should - forum an all :)

Unless you have a specific reason to not use SSL?

Liam W

Well-known member
Yes, but it would fix the issues I've been having with the site not loading on my home internet unless behind SSL...

I know they wouldn't change something for one person, but still ;)

Seems a shame to waste the system.

Liam W

Well-known member
Why wouldn't a site load on your network unless it's behind SSL? o_O
It's a very strange issue, only happening with this site.

I was using it one day, and it just didn't load - Chrome said connection error. It would still ping though.

I then tried it with SSL one day, for some reason and it loaded, but the forum redirects to non-ssl so it won't load.

It's temperamental, it loads for a few days, then it doesn't load for a few days...



Well-known member
The SSL certificate is mainly used for the customer area and the license API:



Most people do not have site-wide SSL because it increases CPU load.
Really not the case anymore if you set it up properly...


In January this year (2010), Gmail switched to using HTTPS for everything by default. Previously it had been introduced as an option, but now all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special hardware. On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that.