clients.x10hosting.com security certificate?

Status
Not open for further replies.

booksgo

New Member
Messages
109
Reaction score
0
Points
0
Is it safe? When I click on Account Addons in cPanel I get this message from Opera:

The server's certificate chain is incomplete, and the signer(s) are not registered. Accept?
 

Corey

I Break Things
Staff member
Messages
34,553
Reaction score
204
Points
63
I'm taking care of this now... we recently moved our client area and the cert must not have taken properly.

-Corey
 

Corey

I Break Things
Staff member
Messages
34,553
Reaction score
204
Points
63
Thank you for the report, it's now fixed.

-Corey
 

booksgo

New Member
Messages
109
Reaction score
0
Points
0
Thanks, but Opera still doesn't like it and can't setup a secure connection. Other browsers are OK with it though.
 

briapv

New Member
Messages
47
Reaction score
0
Points
0
Then ask Opera if you want the x10hosting security certificate in their database... Firefox its just registered >:D
 

booksgo

New Member
Messages
109
Reaction score
0
Points
0
There's no way of telling Opera, is there?

If I click to 'Approve' the certificate, the page loads ok but the connection is not secure, and looking at the details it says:

"The certificate is not signed by a trusted authority."
 
Last edited:

jmcgowan

Member
Messages
134
Reaction score
1
Points
18
If the page is supposed to be secure (ie - an order page, etc...) it can still be secure if it has an invalid certificate. By secure, the browser is usually just referring to whether or not the information is being encrypted before it's sent out (address begins with https://). However, the security questions still exist in terms of phishing. In other words, are you personally sure that the website you're looking at really is the website you want. As an example of when it is ok to trust a website with invalid certificate, the US Army issues their own certificates. Therefore, if you go to a US Army website (ie - www.us.army.mil) you'll get a warning about the certificate because the US Army is not recognized as a valid organization to issue certificates. However, since I do trust the US Army to issue certificates for its own websites then I tell firefox to ignore the supposed problem.
 

Corey

I Break Things
Staff member
Messages
34,553
Reaction score
204
Points
63
Not sure... I've verified it working in IE and FF :)

-Corey
 

Livewire

Abuse Compliance Officer
Staff member
Messages
18,169
Reaction score
216
Points
63
Maybe something to do with this stunnel thing, whatever that is?!

http://bloggit.livejournal.com/26595.html

Only doubt it because Corey tested it in firefox and it works fine; if you read the first paragraph, it's about making a godaddy SSL cert work with Firefox.

Plus I dunno where he got the cert from but if it's not from godaddy the whole link's trashed; whatever opera is using, it's doing things differently. Dunno if that's good or bad overall, but it's bad for now :S
 

davearonson

Member
Messages
71
Reaction score
0
Points
6
Then there's the whole question of what it means to be "secure". As someone pointed out above, a "secure connection" is mainly about encrypting it to secure against eavesdroppers. As another person pointed out, certificates also help with *authentication*, i.e., making sure you're really talking to the party you *think* you're talking to. But... as someone else said elsewhere long ago, most so-called web security is like ensuring you use an armored car to take a loose wad of cash from someone living on a park bench to someone living in a fridge box under a bridge. That is, once the secure *connection* has been used, to the *authenticated* party, your "security" worries are *not* over, by any stretch.
 

Corey

I Break Things
Staff member
Messages
34,553
Reaction score
204
Points
63
As far as i know this is resolved so I'm going to close it out. OP please let me know if you have any other issues with this topic.
 
Status
Not open for further replies.
Top