Dear Eyal Redler,
How are you getting on ?
I am writing to suggest.
Does the proposal meet with your approval?
Why do not you set up an "SSL server certificate" on the server running your website?
Every time I access the site, I see "Not secure" next to the Safari URL, which is a bit annoying.
Of all the app development and sales-related sites I currently visit, this one seems to be the only one that hasn't been changed to https://.
Respectfully, WAKAMASTU
set up an "SSL server certificate"
Moderators: Eyal Redler, redlers, Ori Redler
-
- Knows everything, can prove it
- Posts: 150
- Joined: Fri May 04, 2018 4:00 am
Re: set up an "SSL server certificate"
Actually, the site has a cert. You can go to https://forum.mellel.com.
It's a self-signed cert, which has no impact on security other than not having a chain of trust to follow. The cryptography between browser and web server is the same. You'll have to tell your browser you trust Mellel's self-signed certificate. After that, it's just another secure site.
Signed certs are certainly nicer, but they are also a little bit of a racket.
Anyone can sign a certificate. For your signature to be automatically recognized in a browser, you need to be signed by someone whose cert was signed by someone the user's browser trusts.
Write Microsoft a huge check and meet some business legitimacy criteria, and Microsoft Edge will start recognizing your signature. Repeat for Firefox, Chrome, etc., and you, too, can be a certificate signing authority.
Personally, I paid for a recognized signature for my career-based blog site, but I don't have an issue with self-signers.
I'm convinced this site is actually Mellel. My traffic is encrypted. Life's good, but you're right, too. A recognized endorsement signature on Mellel's cert would be a nice touch.
It just wouldn't actually improve anything beyond perception.
It's a self-signed cert, which has no impact on security other than not having a chain of trust to follow. The cryptography between browser and web server is the same. You'll have to tell your browser you trust Mellel's self-signed certificate. After that, it's just another secure site.
Signed certs are certainly nicer, but they are also a little bit of a racket.
Anyone can sign a certificate. For your signature to be automatically recognized in a browser, you need to be signed by someone whose cert was signed by someone the user's browser trusts.
Write Microsoft a huge check and meet some business legitimacy criteria, and Microsoft Edge will start recognizing your signature. Repeat for Firefox, Chrome, etc., and you, too, can be a certificate signing authority.
Personally, I paid for a recognized signature for my career-based blog site, but I don't have an issue with self-signers.
I'm convinced this site is actually Mellel. My traffic is encrypted. Life's good, but you're right, too. A recognized endorsement signature on Mellel's cert would be a nice touch.
It just wouldn't actually improve anything beyond perception.
Re: set up an "SSL server certificate"
Dear Amontillado,
Thank you for your eclaircissement.
Your comments put some real substance into the equation.
I will make a change to this URL based upon your proposed secure surroundings.
New realign shows with locked icon in my Safari.
Thx and regards, WAKAMATSU
Thank you for your eclaircissement.
Your comments put some real substance into the equation.
I will make a change to this URL based upon your proposed secure surroundings.
New realign shows with locked icon in my Safari.
Thx and regards, WAKAMATSU