32 replies to this topic

[Cranium]

Quite often while browsing ComputerCraft Forums, I get a little popup on my browser(tested on OLD IE, and newest Chrome) that says there was an issue with the security certificates. I tried examining them, but it kept having issues doing so.
Is there a new issue with the website?

[RunasSudo-AWOLindefinitely]

Hmm. When I try to access the https:// version of the website, I get (in Firefox)

Secure Connection Failed
An error occurred during a connection to computercraft.info.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)

[theoriginalbit]

RunasSudo, on 18 January 2013 - 02:03 PM, said:

Hmm. When I try to access the https:// version of the website - snip -

I just get "Safari can't open this page"

[RunasSudo-AWOLindefinitely]

TheOriginalBIT, on 18 January 2013 - 02:05 PM, said:

I just get "Safari can't open this page"

And that is why you use Firefox. It actually tells you the problem.

[theoriginalbit]

RunasSudo, on 18 January 2013 - 02:32 PM, said:

TheOriginalBIT, on 18 January 2013 - 02:05 PM, said:

I just get "Safari can't open this page"

And that is why you use Firefox. It actually tells you the problem.

Well it does give a reason, its just in smaller text.... "Safari can't open this page <url> because Safari can't establish a secure connection to the server 'www.computercraft.info'"

[RunasSudo-AWOLindefinitely]

TheOriginalBIT, on 18 January 2013 - 02:41 PM, said:

Well it does give a reason, its just in smaller text.... "Safari can't open this page <url> because Safari can't establish a secure connection to the server 'www.computercraft.info'"

That's a pathetic excuse for a reason.
Safari: "We couldn't make a secure connection"
FF: "SSL received a record that exceeded the maximum permissible length."

[theoriginalbit]

RunasSudo, on 18 January 2013 - 02:42 PM, said:

That's a pathetic excuse for a reason.

Hey thats just Apple. They try to make it easy for the End User, not people like us. The average user would read that FF one and be "WTF?!"...

[NeverCast]

And that's why I avoid affiliating with average users, they expect me to talk like that too!

[Dlcruz129]

I've never gotten this error, and I haven't connected by https.

[RunasSudo-AWOLindefinitely]

Dlcruz129, on 18 January 2013 - 03:28 PM, said:

and I haven't connected by https

There's your problem! We're investigating why the https version of the site doesn't work.

[AfterLifeLochie]

The reason SSL doesn't work is because the server isn't actually initiating a correct SSL connection - probably because it's not configured. A quick test with openssl s_client yields the following.

[email protected]:~$ openssl s_client -connect computercraft.info:443

CONNECTED(00000003)
140523489707680:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:749:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 226 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

[Dlcruz129]

RunasSudo, on 18 January 2013 - 03:51 PM, said:

Dlcruz129, on 18 January 2013 - 03:28 PM, said:

and I haven't connected by https

There's your problem! We're investigating why the https version of the site doesn't work.

Why would you connect via https? It's not like you submit any personal info or anything.

[dissy]

Dlcruz129, on 18 January 2013 - 04:34 PM, said:

Why would you connect via https? It's not like you submit any personal info or anything.

To make the post you did, you sent your username, password, and 9 cookies containing various state info including a password hash.

It's always best practice to connect using https by default and only fall back to http if it doesn't work.
If you encrypt nothing but one thing, that one thing is clearly something you are trying to hide. If you encrypt everything, even that bit of info isn't determinable.
The https_everywhere plugin even handles this automatically for you.

[Cranium]

Woah, I wasn't talking ANYTHING like https....
I was talking about the security certificate. Some sites have them, verifying that you are on the page that you are supposed to be...or something...I don't know anything about websites, or how they are written, I was just posting something I thought needed to be addressed.

[Dlcruz129]

Cranium, on 18 January 2013 - 05:59 PM, said:

Woah, I wasn't talking ANYTHING like https....
I was talking about the security certificate. Some sites have them, verifying that you are on the page that you are supposed to be...or something...I don't know anything about websites, or how they are written, I was just posting something I thought needed to be addressed.

Check this out: http://www.tldp.org/...-HOWTO/x64.html

Everything you want to know about certificates, and everything you don't give a shit about.

[dissy]

Cranium, on 18 January 2013 - 05:59 PM, said:

Woah, I wasn't talking ANYTHING like https....
I was talking about the security certificate.

Sorry, but that is too funny not to quote ;}

"I wasn't talking anything like encryption... I was talking about the encryption"

[Cranium]

I was talking not about the SSL, I was only talking about the certificate.....

[dissy]

Cranium, on 18 January 2013 - 07:08 PM, said:

I was talking not about the SSL, I was only talking about the certificate.....

It isn't possible to see/use/anything the certificate without SSL. SSL is the means certificates are exchanged, viewed, and used.

[Cranium]

dissy, on 18 January 2013 - 07:10 PM, said:

It isn't possible to see/use/anything the certificate without SSL. SSL is the means certificates are exchanged, viewed, and used.

Considering I said I have NO IDEA how websites are made, I guess I will not be able to convey what happened....

[D3matt]

Cranium, on 18 January 2013 - 07:20 PM, said:

dissy, on 18 January 2013 - 07:10 PM, said:

It isn't possible to see/use/anything the certificate without SSL. SSL is the means certificates are exchanged, viewed, and used.

Considering I said I have NO IDEA how websites are made, I guess I will not be able to convey what happened....

Certificates aren't used except in secure connections (HTTPS/SSL). If your browser is even trying to get a certificate and you're not using HTTPS, there's a problem on your end.