I’m getting SSL error on this site. What’s going on? @TabloTV
EDIT: I just did a check of the SSL cert and they forgot to renew it. That is crazy for a company! Certs can be had for free these days.
Firefox is not giving errors, but things are working weird. It’s not recognizing that I have read recent posts, and when I tried to post, seems to have gotten stuck. It did NOT show this post, either. I found out what is going on by using Edge.
Chrome on my phone says the site is unreachable. Edge on both phone and computer work, but do give the warning about being unsafe. Firefox doesn’t warn, but seems to ignore everything after what I assume is a June 1 expiration.
Really, really sad - it’s not the first time .tablotv.com has has issues with it’s certificates expiring .
They use a common wildcard, so… they had the certificate, it was in place for www, just not for community (this time).
For me site was here but when you clicked on something would never load, just spinning circle.
I’m not a fan of wildcard certs. These days certs are cheap or free. it’s not a huge vulnerability. I’m probably just being paranoid because I spend too much time with cyber security people. 
In my opinion it’s similar to password reuse. The Linode server gets compromised then so do all the other servers.
Been feeling this pain myself. We used to use wildcard certs at work, which made life easier, but because of security concerns our SSL certificates now have to be renewed yearly and can no longer be wildcard certs.
It’s annoying. My certs renew every 3 months.
Ouch. That would be a real pain for us. The web application for the primary client I support requires the SSL cert be installed on each server, not just on the load balancer.
I’m the opposite, a big fan of wildcard certs rather than maintaining a myriad of certificates and the potential cost and potentially staggered expirations, etc. It can be a mad house.
Edit: But, I’m also not a big fan of turning over the keys to all my kingdoms to “idiots”. So, if you’re throwing your “gold” freely to the masses in hopes they know what they are doing, etc… etc…
1 Like
It’s definitely more costly even with a single cert as we had to move to getting a cert that has about 35 alt names in order to cover all the various sites associated with the web application for all the various environments. And it’s something like $275 per alt names.
If you control all the servers wildcard isn’t that bad. I’m a bit more skeptical when some are AWS, some are Linode, and some Azure for instance. I think you would have to use a man in the middle or maybe DNS poisoning. That’s a reasonably high bar so I’m probably over cautious.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.