Some of you may have noticed that the site was fucked for a bit this morning... I know I did. Just thought I'd let you know what happened. I'm cheap, so Binary set us up with free SSL certificates from an excellent certificate provider called LetsEncrypt: https://letsencrypt.org/ Every 2 weeks the TiB server goes out and renews those certificates automagically. Just under 2 weeks ago I had to move our virtual server into a new environment at our hosting provider. It was like a server upgrade that our hosting service wanted us to do so they could get us off old hardware and into newer, better hardwaref, so I moved everything over and did a system OS upgrade at the same time. Everything was working fine, until the SSL Cert process kicked off sometime this morning. It reads some configs we have for our web services and then makes an automated request to the Cert provider for new ones, and then installs them. Apparently some old testing site configs were resurrected somehow (Binary and I have no real clue how that happened... drinking may have been involved), and they confused things, so it messed up the server restart once the new certs were put in place. It's like we had 3 different server configs for TiB running at the same time and they all had different info so the server got confused. Binary is now in Rome and the two of us started into figuring out what was going on, and I found that there were some new Firewall rules introduced that caused some problems (joys of increased security... you have a better chance of locking people out by accident), and he found the server config issues. We both affected the changes needed, rebooted the server, and things are now again working. He's now heading off to the night life in Rome, and I'm going to make some breakfast. Big thanks to Binary for hopping on board and helping fix this.
Many thanks to you and Binary for keeping this going and doing all that stuff you did, usually while none of us notice. Just FYI, I still get certificate errors when trying to access the site from my phone. I cleared the cache, and tried both the native Browser and my Browsie Browser app. I have a BlackBerry 10 device, so I am sure mine is the exception.
Can you tell me the error? Any browser that doesn't have the Let's Encrypt root certificate installed and trusted will throw an error. I just said fuck it, the site is small enough that it's worth the potential for a couple people to see errors, to do something free that improves security. Especially since we run a porn and cyber bullying site. I wouldn't want any of that traffic to be seen by firewalls.
What browser are you using? I'm betting that it's an older BlackBerry browser that doesn't have the LE root certs included.
https://community.letsencrypt.org/t/which-browsers-and-operating-systems-support-lets-encrypt/4394 Known not to work: Blackberry.
https://supportforums.blackberry.co...pt-certificate-and-browser/m-p/3169561#M13153 Seems you have to manually import the root cert into BB. @Rush-O-Matic :: You can give that a try and it should solve it for you.
I don't want to hog this thread just for me, but in case there's a learning exercise here, or maybe somebody else needs the info, I'll respond. This is the error: If I "view certificate," as you know, it reads Let's Encrypt Authority X3 www.theidiotboard.com Yes, apparently. And, just to be clear, as you pointed out in your second post, it's the BlackBerry OS (10.3.2.556 in my case), not the specifically the Browser. I tried the native BlackBerry Browser and a couple others, with no luck. (FYI, anyone using a BlackBerry 10 device - haha, I know it's just me - I highly recommend Browsie Browser. When I downloaded it, it was free. I think it's $2.99 now, but it's very good, if you're having trouble with the native one.) I went through that. I have never imported certificates before, so I really didn't know what I was doing. I successfully imported all the .der files (which were actually .cer files). But, then the second user in that forum post wrote . I don't know how to do that part. I downloaded the text on the page you linked from the Let's Encrypt hotlink . . . but, then I didn't know what to do next. Importing certificates only let's me import .cer files, not .txt files. Can I create a .cer file from that text for the DST Root CA X3? Also, in a bit of irony, when I followed the instruction: "On your device. go to https://letsencrypt.org/certificates/" I got the certificate error. So, I used my PC to download them all to my dropbox and imported them that way. What happens if I just add it to the exceptions? If I check the box "I understand the risk" I would be lying, as I don't understand the risk.
If you add a permanent exception, it's the same as the browser saying, "fine, we warned you, but you said don't worry about it, so we won't bug you about it any more." That would work just fine.
Having my own site, I know that feeling of "Aw shit, there goes my plans til it's fixed." Thanks for all you guys do to keep the ship afloat.
I couldn't find the "new site format" thread, so I'm just putting this here: If I click on MY profile page, the empty box reads "update your status," is limited to 140 characters, and posts in the "Status" box on the main page. If I click on somebody else's profile page, the empty box reads "write something," and doesn't have a character limit. What does that do? Does it start a PM conversation? And, what's a "starred" conversation?
If I write in your status update, it shows up on the main page as a public note to you, from me. It's like writing on that person's wall. The starred conversations are about PM's or conversations... click on the envelope to the left of the flag, and you can either create a new conversation or view an old one. You can arbitrarily "star" conversations, like making it a favourite, an then list only those starred or favourited conversations.