TDWTF is insecure! Gasp! No actually its certificate just expired
-
Fortunately I have been able to post thanks to the magic of setting my system clock one day back.
Paging @ben_lubar, @boomzilla, or whatever
takes care of this
-
Heh.
-
Firefox isn't complaining (yet), but looking at the certificate details it says "Unable to validate certificate because it has expired."
Good job...
-
Chrome won't allow me to "proceed anyway". I don't know why they've removed that option, I don't need to be treated with kid gloves. Just give me a button that says "I know this is a bad idea, but fucking do it anyway!!!".
I've managed to log in via the magic of using Edge.
-
Chrome was.
It's fixed now.
-
Ugh, the cert was being renewed but I didn't tell nginx to reload it.
Should be fixed permanently now.
-
@DoctorJones said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Chrome won't allow me to "proceed anyway". I don't know why they've removed that option, I don't need to be treated with kid gloves. Just give me a button that says "I know this is a bad idea, but fucking do it anyway!!!".
I've managed to log in via the magic of using Edge.
That option still exists; type
thisisunsafe
to bypass HSTS.
-
Type it where mate?
-
@DoctorJones said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Type it where mate?
nowhere, just type it
here's an example: https://subdomain.preloaded-hsts.badssl.com/
-
@Zecc said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Fortunately I have been able to post thanks to the magic of setting my system clock one day back.
Fortunately I was able to purchase TDWTF limited time offer of lifetime subscription for mere $99 a month with free 14-day trial just entering my credit card... detail... wait a minute
-
@ben_lubar said in TDWTF is insecure! Gasp! No actually its certificate just expired:
@DoctorJones said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Type it where mate?
nowhere, just type it
here's an example: https://subdomain.preloaded-hsts.badssl.com/
What the fuck?! That is so obtuse!
Thanks!
-
@Applied-Mediocrity said in TDWTF is insecure! Gasp! No actually its certificate just expired:
@Zecc said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Fortunately I have been able to post thanks to the magic of setting my system clock one day back.
Fortunately I was able to purchase TDWTF limited time offer of lifetime subscription for mere $99 a month with free 14-day trial just entering my credit card... detail... wait a minute
Ha! If you hit cancel first you only had to pay $49.99 a month.
-
@Zecc said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Paging @ben_lubar, @boomzilla, or whatever takes care of this
Of course, the funny thing being that none of the mentioned people wouldn't get a desktop notification (at least in Chrome, IIRC) even if they bypassed the warning. Desktop notifications don't work without HTTPS any more. Which... I mean, if it's an expired or invalid cert, fine, but using not allowing notifications at all on HTTP sites is kinda silly...
Anyway, that's why you poke blubar on Discord when shit goes boom :P
-
@ben_lubar how do you do that on mobile?
I stopped entering cheatcodes back in high school.
-
@DoctorJones They change it regularly and don't document it since they don't want mere mortals to use it. The primary audience is for system admins trying to resuscitate a dead site or browser developers verifying functionality. It used to be
badidea
.
-
@TwelveBaud and system admins aren't a big part of their userbase, so forcing them to perform ridiculous secret rituals that aren't found in any official documentation or help pages just to get their job done is perfectly fine...
-
@ben_lubar said in TDWTF is insecure! Gasp! No actually its certificate just expired:
Should be fixed permanently now.