Discussion in 'Site Support and Feedback' started by Dobbo25, Apr 2, 2018.
Anyone else getting a "Site Not Secure message " when they log in?
It's most likely due to the site not being on HTTPS.
It would be nice to have e .g. Let's Encrypt certificates in use at some point, though.
Sorry 'Website not secure' it says, Not only this site but two other forums as well.Never happened before until today.
Have you possibly updated browser or OS since last logging on? Could be a new setting.
It’s most definitely related to the site not being on https.
Not recently, it has only been happening since this afternoon. I've been through all the settings and nothing has changed. It only happens on this forum, TSR and ShaveNook.
Same here with AGT and was with TSR. With TSR I manually entered https:// on the log in page then bookmarked it, problem solved. However, it doesn't seem to work with this site. Incidentally, I only get the warning message when using my laptop or PC. I use Firefox. It's fine on my phone.
I'm using latest Safari and a Firewall neither of which has updated in over two weeks. I'll try your https method and see if it helps.
Worked with TSR but not this site.
Not this website.
But, I was getting at the Shavemac site..
No issues my end but will ask the experts.
I use the KB SSL enforcer plugin for Chrome.
Ok Chaps, we have been in contact with our provider, from the Gentleman:
due to an oversight, Public-Key-Pins were enabled, which sets a 2592000second (1 month) header in the browser. If I replace the SSL certificate while the Public-Key-Pins header is still set, you will get a security warning while attempting to access the site.
You can manually clear the header in your browser.
Chrome (Desktop and Mobile Version):
Safari and Edge, you should just need to clear the cache for the site.
Chrome is currently planning on depreciating PKP in May 2018:
However, as the header has been previously set, until this is either removed from your browser manually, or the header value expires and is removed from the browser when it attempts to fetch it again (and find's it's no longer there), there will be errors accessing the site from the 22nd April. I'll delay swapping the certificate until the very last minute.
Apologies in advance for this, and hopefully it won't cause any issues after the 22nd once the certificate is replaced if you have cleared the browser cache per the previosuly mentioned methods.
Hopefully this helps.
Separate names with a comma.