If you can read this...

Every time we go through something like this it's like being glued to a toilet seat.
 
Vance Wood said:
Every time we go through something like this it's like being glued to a toilet seat.
Click to expand...

I am pretty sure it has to do with the SSL certificate being self-signed. I have an order queued to install a new certificate. Because we are dealing with a 3rd party it will take a while for it to get implemented. Hopefully be complete when I wake up in the morning.

Not sure why this suddenly became such an immediate issue; it wasn't causing problems prior to the migration. I have some ideas, but let's just hope the new certificate being installed will take care of the problem.

At any rate... once this is taken care of we will be in much better shape going forward.
 
Bonsai Nut said:
I am pretty sure it has to do with the SSL certificate being self-signed. I have an order queued to install a new certificate. Because we are dealing with a 3rd party it will take a while for it to get implemented. Hopefully be complete when I wake up in the morning.

Not sure why this suddenly became such an immediate issue; it wasn't causing problems prior to the migration. I have some ideas, but let's just hope the new certificate being installed will take care of the problem.

At any rate... once this is taken care of we will be in much better shape going forward.
Click to expand...

Yeah, that’s always the hassle with self signed. They’re never “trusted” because they don’t come from a certificate authority, even if they’re still secure. Ah, the joys of ssl.
 
Traken said:
Yeah, that’s always the hassle with self signed. They’re never “trusted” because they don’t come from a certificate authority, even if they’re still secure. Ah, the joys of ssl.
Click to expand...
I understand; ass holes have to abide by the law but they still try to insist that you do things their way and pay them for the privilage.
 
Vance Wood said:
I understand; ass holes have to abide by the law but they still try to insist that you do things their way and pay them for the privilage.
Click to expand...
It’s not really a legality thing as much as trying to create a semblance of organization. You can generate your own security certificate for a server/site, but since anyone can make one, technically someone could do something malicious. There are a handful of official certificate authorities that can generate trusted certificates, which makes sense. It just sucks because you have to pay and wait for one, when it takes no time or cost to generate your own.
 
Oh good we're back. Was getting SQL errors all morning. I felt so alone...

lmao, thanks for all your hard work on this migration, Greg.
 
We have the security certificate issue resolved... but it will take up to 48 hours for the new security certificate to be installed on the site. Weekends tend to take longer because not too many people are working. Note that we are not changing a THING to the site - just the security certificate that says the site is "safe", LOL. So the site is safe... I just have to go through a third party to get the security certificate.

We had a separate issue with the daily site backups being copied to our fast (expensive) SSD storage, instead of our slow (less expensive) archive storage. Since the site backups include all the images, they are about 65 GB each, and quickly brought our SSD to its knees. That was the problem that crashed the site this AM :) I guess that is just proof that I am backing up the web site, LOL!
 
Last edited:
Bonsai Nut said:
We have the security certificate issue resolved... but it will take up to 48 hours for the new security certificate to be installed on the site. Weekends tend to take longer because not too many people are working. Note that we are not changing a THING to the site - just the security certificate that says the site is "safe", LOL. So the site is safe... I just have to go through a third party to get the security certificate.

We had a separate issue with the daily site backups being copied to our fast (expensive) SSD storage, instead of our slow (less expensive) archive storage. Since the site backups include all the images, they are about 65 GB each, and quickly brought our SSD to its knees. That was the problem that crashed the site this AM :) I guess that is just proof that I am backing up the web site, LOL!
Click to expand...
I got a little freaked out when I was unable to get up on the site on any of my devices, despite my best efforts. Then I figured you must be working on it, and decided to check back in later. Voila!, works fine now. Thanks for all your hard work.

Where is the money coming from for the switchover? I'm sure it wasn't free
 
Safari finally let me in on my phone today, I could get in on my iPad yesterday.

Thanks for all you do Greg.
 
Lazylightningny said:
I got a little freaked out when I was unable to get up on the site on any of my devices, despite my best efforts. Then I figured you must be working on it, and decided to check back in later. Voila!, works fine now. Thanks for all your hard work.

Where is the money coming from for the switchover? I'm sure it wasn't free
Click to expand...

It's not free. It's going to cost $1000 more per year. That's why I ask for donations :)
 
Continuing software upgrades. Do not be alarmed. :)
 
Fancy new like buttons :) Make sure you close down your browser window(s) and reload the site. I made a lot of changes in the last few hours.
 
Last edited by a moderator:
All software has been updated / upgraded. We are running newest versions of everything.

There were some minor unavoidable formatting changes (like we lost our fancy bonsai leaf icons) so I will be changing those... as well as any other glitches that I find.
 
Bonsai Nut said:
We have the security certificate issue resolved... but it will take up to 48 hours for the new security certificate to be installed on the site. Weekends tend to take longer because not too many people are working.
Click to expand...

Oh man, that means that I will have to actually work tomorrow and tuesday instead of just browsing BNut all day waiting for the time-clock to run it's course.
 
Traken said:
It’s not really a legality thing as much as trying to create a semblance of organization. You can generate your own security certificate for a server/site, but since anyone can make one, technically someone could do something malicious. There are a handful of official certificate authorities that can generate trusted certificates, which makes sense. It just sucks because you have to pay and wait for one, when it takes no time or cost to generate your own.
Click to expand...

Exactly. I had a process in place to use and update a self-signed certificate long before it was required... because it was fast and convenient and SAFER than using an outside party. If you Google the "risk" associated with using a self-signed certificate, you won't find one. The only "risk" is a "perceived risk" because browser companies "don't like them". I have yet to read about a SINGLE security issue related to using a self-signed certificate.

However there is a REAL risk associated with using a certificate authority (CA) to obtain your certificate. You are basically adding another party to the security of your site. If they get compromised - ALL THE SITES that they provide certificates for are compromised. This is why many organizations use self-signed certificates for internal communications - they aren't allowing anyone into their security infrastructure. I guarantee you the CIA or Defense Department isn't using an outside party to provide the security certificates for their online traffic :)

What say do I (as a web site owner) have in it? None. The browser oligopoly determines what security they want me to use - and will send alarmist messages and/or block access to my site if I disagree, even if my security is as good - if not better - than what they require.
 
Bonsai Nut said:
Exactly. I had a process in place to use and update a self-signed certificate long before it was required... because it was fast and convenient and SAFER than using an outside party. If you Google the "risk" associated with using a self-signed certificate, you won't find one. The only "risk" is a "perceived risk" because browser companies "don't like them". I have yet to read about a SINGLE security issue related to using a self-signed certificate.

However there is a REAL risk associated with using a certificate authority (CA) to obtain your certificate. You are basically adding another party to the security of your site. If they get compromised - ALL THE SITES that they provide certificates for are compromised. This is why many organizations use self-signed certificates for internal communications - they aren't allowing anyone into their security infrastructure.

What say do I (as a web site owner) have in it? None. The browser oligopoly determines what security they want me to use - and will send alarmist messages and/or block access to my site if I disagree, even if my security is as good - if not better - than what they require.
Click to expand...

Not to mention the fact that it's kinda insulting that you have to pay to buy a certificate, just to make sure browsers allow people in. It's almost like holding your site hostage. heh.
 
You must log in or register to reply here.

Similar threads

Oddly_Aude
I'm super awful at wiring, I read a new book and I think I've improved a bit. Decided to try my Ficus concinna in the literati style.
Replies
14
Views
428
Oddly_Aude
Oddly_Aude
pictorangelicvs
How To Read Chinese Painting -- A Lecture by Maxwell Hearn, Chairman of Asian Art at The Metropolitan Museum
Replies
0
Views
700
pictorangelicvs
pictorangelicvs
BitsaBon
Anyone got a good read on what cultivar this is?
2
Replies
22
Views
2K
SouthernMaple
SouthernMaple
Deep Sea Diver
Did I read this correctly, or did I just miss the memo?
2
Replies
27
Views
5K
Deep Sea Diver
Deep Sea Diver
Mike Corazzi
The most profound paragraph I've read here.
2
Replies
20
Views
2K
Paradox
Paradox
Back
Top Bottom