Certificate of thimbleweedpark.com expired

@RonGilbert: Since yesterday Firefox is telling me that the connection to thimbleweedpark.com is insecure. According to Firefox the certificate is expired.

I noticed that too. I had to take that picture from Mark Ferrari from the cached version on google.

1 Like

It’s working again.

2 Likes

It must take a day to propagate around the world wide web. I renewed it a day before it was expired.

2 Likes

No it doesn’t “propagate”, the cert is on your server. I think after you install the new cert you have to soft-restart apache, of course I don’t have a VPS and never have and the web interface (i.e. cpanel) takes care of that for me, but if you’re using SSH and not a web control panel then I’m pretty sure that’s what you do. In other words, after you install the new certificate the existing one remains active until Apache is restarted. It says so on Godaddy so must be true. :wink: For absolute certainty consult Trump’s twitter feed.

I’m a little surprised you’re not using an automated script to fetch and install the certificates every 60 days, as that’s what Let’s Encrypt intends.

Thank you for being a know-it-all. It may not “propagate”, but it does take a while after I renew for it (and restart Apache) to work on all my devices (mostly mobile ones). Yes, I know all about automatic scripts (I’m not a moron), I have to do it manually due to the complexity of my set up. grumpygamer.com is all automatic, thimbleweedpark.com is a very old, complex, and fragile installation and it’s not worth my time to upgrade it.

5 Likes

I wasn’t trying to be rude, I just didn’t understand why a certificate wouldn’t immediately update - I guess as I barely ever use mobile browsers I hadn’t considered that. If that’s the case I suggest generating a new private key & csr as that theoretically would force the browser to update the certificate.

And the forums run off nginx… bah I should have checked that.

I don’t either. I imagine the mobile or cell networks do some caching. I have had situations where after I restart apache, even my home Mac takes 5 minutes or so to see the change. Maybe if I shut down my browser, I would see it immediately. I’m just guessing.

These forums are hosted externally, not on my servers.

Ron

@RonGilbert: Since a week the expired certificate of thimbleweedpark.com prevents me from opening it in Firefox. Is this correct? Are you working on the site?

@all: Do you see the same error (for example in Chrome)?

Chrome 80.0.3987.132 -> no problem over here.

Edit: ok now it´s 85.0.4183.121 but still no problem

1 Like

Thanks! Seems to be a “problem” with Firefox: I tested it on a another different PC and again it says that the certificate expired (since 2020-09-19).

It’s not a Firefox problem, unless you mean on your PC specifically. :slight_smile: For me it’s the same in Chromium-based browsers.

1 Like

I would have assumed that Firefox blocks or lacks a root certificate. :slight_smile:

Opera (definitely the most user friendly, unless it’s my bank or something I don’t see why Google’s pushing all this HTTPS stuff anyway):

Summary

Vivaldi:

Summary

Firefox:

Summary

1 Like

6 Likes

It’s fixed now. The issue was I move blog.thimbleweedpark.com to a different server, but the old severs cert renewal still thought the blog was there, so it failed on renewal. That then failed to renew all the other certs that came after it.

2 Likes

That’s it. I’m a moron. Animated-GIF-The-Secret-of-Monkey-Island-Character-Guybrush-Threepwood-Guybrush-Holds-His-Breath-For-10-Minutes-Animated-GIF-Sprite

But we still don´t have the awesome Vista Banner on top of the site anymore :wink:
Would you mind to fix that too or is there a reason it´s gone?

Thanks
Tim