Official Thimbleweed Park Forums

Certificate of thimbleweedpark.com expired


#1

@RonGilbert: Since yesterday Firefox is telling me that the connection to thimbleweedpark.com is insecure. According to Firefox the certificate is expired.


#2

I noticed that too. I had to take that picture from Mark Ferrari from the cached version on google.


#3

It’s working again.


#4

It must take a day to propagate around the world wide web. I renewed it a day before it was expired.


#5

No it doesn’t “propagate”, the cert is on your server. I think after you install the new cert you have to soft-restart apache, of course I don’t have a VPS and never have and the web interface (i.e. cpanel) takes care of that for me, but if you’re using SSH and not a web control panel then I’m pretty sure that’s what you do. In other words, after you install the new certificate the existing one remains active until Apache is restarted. It says so on Godaddy so must be true. :wink: For absolute certainty consult Trump’s twitter feed.

I’m a little surprised you’re not using an automated script to fetch and install the certificates every 60 days, as that’s what Let’s Encrypt intends.


#6

Thank you for being a know-it-all. It may not “propagate”, but it does take a while after I renew for it (and restart Apache) to work on all my devices (mostly mobile ones). Yes, I know all about automatic scripts (I’m not a moron), I have to do it manually due to the complexity of my set up. grumpygamer.com is all automatic, thimbleweedpark.com is a very old, complex, and fragile installation and it’s not worth my time to upgrade it.


#7

I wasn’t trying to be rude, I just didn’t understand why a certificate wouldn’t immediately update - I guess as I barely ever use mobile browsers I hadn’t considered that. If that’s the case I suggest generating a new private key & csr as that theoretically would force the browser to update the certificate.

And the forums run off nginx… bah I should have checked that.


#8

I don’t either. I imagine the mobile or cell networks do some caching. I have had situations where after I restart apache, even my home Mac takes 5 minutes or so to see the change. Maybe if I shut down my browser, I would see it immediately. I’m just guessing.

These forums are hosted externally, not on my servers.

Ron