Site not safe warning in chrome.

[PossumsDad]

Starting late this afternoon I get this error when trying to access this site:

Your connection is not private
Attackers might be trying to steal your information from www.gardenpondforum.com(for example, passwords, messages or credit cards).


NET::ERR_CERT_AUTHORITY_INVALID

I also tried Windows Internet Explorer and I still get this message.

Phil

 

[Lisak1]

Yup. We all noted that on another thread. Clearly we were all scared away!

 

[Big Lou]

I got it on Windows Mail and Yahoo mail.

 

[Ian]

Thanks for the heads up - the SSL certificate didn't automatically renew for some reason (the thing we use for HTTPS), so I've manually renewed it while I speak to the hosting company .

 

[Ian]

It looks like I've found the issue - when the control panel renews the SSL certificate, it creates a temporary directory on the website so that the certificate authority can validate the URL. As we've got our security settings set so tightly, the directory wasn't allowed to be created, so the authorisation check failed and the SSL certificate wasn't renewed.

I've added a manual exclusion for that directory, so it should work when it tries to renew next time around. I'm also going to tweak our monitoring software to alert me to anything going wrong with SSL, as I didn't get any alerts overnight which should normally happen (as the sites are working fine, technically - but browsers will display warnings for expired certificates).

 

[PossumsDad]

Thanks lan for letting us know the problem.