Personal View site logo
Cinema gear deals, direct from factories - Gear deals and Gear deals section. Also check Cameras, lenses, software, gear deals.
You support is vital for us. To keep this place ad free and independent, select one of the options below.
Donations are going to community support costs, hosting, etc. Your support allows to improve and expand this site.
HTTPS / SSL now works on PV
  • All must work, except mixed content on topic with images.

    Images still are served over http, must be fixed soon.

  • 9 Replies sorted by
  • Also note that absolute recent Chrome 56 / Firefox 51 can show issue with certificate due to Google, Apple and few other companies attempt to push out Chinese companies (WoSign who also owns StartCom) out of very profitable certificates market by illegaly blocking their issues and also later root certificates.
    Main fight is for cheap and free certificates, where Google want Let's Encrypt to remain only option. Just note that Google requires to install their software with root rights if you want to use LE certificate, now it is harmless, but issues can be severe.

  • Youtube and Vimeo fixed.

  • News and outside forum links fixed. All links back to forum also will keep SSL.

    Images fix will be done soon.

    Certificate change later.

  • I've been following the Wosign/Startcom certificate issues for the last 6 months. Wosign has been disqualified due to their shitty operations, not due to some ulterior motives re Chinese business:

    • They issued certs of well known sites to unrelated individuals (This is what started the ball rolling: https://www.schrauger.com/the-story-of-how-wosign-gave-me-an-ssl-certificate-for-github-com - open in IE since Microsoft stilll allows Startcom certs)

    • They issued many SHA1 certs while SHA1 had been deprecated and issuance banning was in effect. They also cheated and back-dated the certs so people would think that the certs were issued before the ban.

    • They lied when asked by Mozilla Security Forum about SHA1 issuance.

    • They hid their taking over Startcom, and went to a great length not to divulge that fact- contrary to the basic CA policy requirements that they've signed. Startcom started using WoSign infrastructure in the background, with some illegal cert operations.

    If you care and willing to spend a good part of your day to follow the disqualification discussion, please head over to https://groups.google.com/forum/?hl=en#!topic/mozilla.dev.security.policy/k9PBmyLCi8I%5B1-25%5D (as well as other Wosign entries in that Security forum)

    A shorter summary is here https://wiki.mozilla.org/CA:WoSign_Issues

  • @Kob

    I know all this, yet

    Someone who in politics or economics believe on bare word is no more then full idiot.

    V. Lenin

    Just look who made all this scandal up, strangely it is media who are owned by same funds as Google and such. Look at the actual history of SHA-1 issuance, look at the history on why and how github and such certificates where issued.

    What exact right two corporation have to block paid products by third corporation? Actually none. Thing that you see is called corporate wars for market. And as any war it also is accompanies by proper rhetoric that we are fighting for good and they are evil.

  • Certificate updated to valid one.

    Only images mixed content left now.

  • Images must be fixed now.

    Note that external images can still be served via http.

  • Google continue their crusade. Aim is to destroy all main competitors on very sweet market (good money and almost zero expenses).

    https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/eUAKwjihhBs/rpxMXjZHCQAJ

  • Next move

    Symantec, GeoTrust, Thawte and RapidSSL will join the list of non trusted certificates.

    Google and Mozilla works in tandem pushing Google technology and making it the monopoly.