Every time I visit the Dope today, I get a pop-up that says, “There is a problem with the security certificate for this site.” When I click for details, it tells me the certificate is out of date. I trust the Dope, so I just click “continue”. Is anybody else getting this? I’m on my phone, by the way, so I really can’t post a screenshot.
The SDMB doesn’t have a security certificate installed, from what I can tell.
Then, I shouldn’t get a pop-up, should I?
As ZipperJJ has noted, the SDMB does not accept SSL connections. You are most likely getting an invalied SSL cert from an ad that is being loaded by the board.
I see this sort of thing when browsing the BBC’s website. If I re-load that site, I usually get ads without a certificate warning. There’s lots of reasons why your browser might think the cert is invalid when it actually is, but I’d cancel on loading the window ad re-load it anyway. An ad service who isn’t insuring that their site loads on most browsers doesn’t deserve the revenue.
I’m still confused. It may be a bad ad, as you say, but when I view the certificate, it does say “Straight Dope Message Board.” I regret I can’t post a screenshot, but I won’t discount an ad being responsible.
Wow, really? Does it claim to be issued by the SDMB? What is the problem being reported by the error message? The only open port on a scan of boards.straightdope.com is an unencrypted http port. Everything else is filtered or closed. Getting an SSL for the site seems strange enough that it makes me kind of alarmed. If you can post any details about the certificate and the error (almost no level of detail is too much), I’d be extremely interested.
I dunno. It’s something from Go Daddy and connexity.net and has a string of numbers and letters and is really beyond my comprehension. The error message I get it that the date on the certificate is invalid and was issued on January 23, 2015 and expires on January 23, 2016.
Sorry about the lack of detail. I’m on my Android phone and really can’t take a screenshot or copy it. I was just curious whether anyone else was getting it.
Ugh. That’s sounds like malware–or, at least, malvertizing. Either you have some malware on your computer, or some bad ad is pretending to serve a message about the SDMB–whether by faking the alert, or by actually generating an invalid certificate based on what website is being loaded.
I’d suggest, after saying it’s okay, checking the Page Info. In Firefox, you can right click and choose “show page info,” but I don’t know about other browsers. Look for unfamiliar URLs.
As I noted a couple of times, I’m on my Android phone, not a computer, and I’m getting this on the stock Android browser.
Ok, that sounds less nefarious. Connexity.net is the domain the certificate is issued for, they’re an advertising provider, and they apparently suck at renewing their SSL certificate. That’s what I initially thought the problem was. It doesn’t look like malware or a forged certificate to me.
I still wouldn’t load the certificate if you can avoid it. If they can’t be counted on to renew their certificate, they’re probably not the best-run shop.
I can’t avoid loading it. I can’t view the Dope unless I click “Continue.” But since I’m on a phone, I was more curious than concerned about it. Phones aren’t very prone to malware and I do have an antivirus program installed, anyway.
Yeah, I missed the post right before mine. I’m not entirely sure why that happens sometimes. (It seems to happen too often for it just be because I overlooked it.) I was going by the previous post where the OP said “Straight Dope Message Board” was the name on the certificate. That’s what made me think it was spoofed or forged.
That, sadly, is no longer the case for Android phones.