offtopic: osronline cert expired?

Chrome started yelling at me that https://osronline.com/ is not secure,
i.e. the cert is bogus. Time to renew?

Mark Roddy

On Mon, 20 Feb 2017, Mark Roddy wrote:

Chrome started yelling at me that https://osronline.com/ is not secure,
i.e. the cert is bogus. Time to renew?

Yes, Firefox gives error: SSL_ERROR_BAD_CERT_DOMAIN

Bo Brantén

There can be other reasons that web page is not secure without the certificate being ‘bogus’.

The certificate expires on 14th May 2017, so expiry is not the reason. Nor has its certificate chain expired.

Chrome may be complaining because not all of the web page is protected by the certificate (e.g. the 2016_01_insider.jpg and the favicon.ico);
another certificate-related possibility is that Chrome has started to deprecate use of SHA-1 signatures. (SHA-256 is normal nowadays.)

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Mark Roddy
Sent: 20 February 2017 16:34
To: Windows System Software Devs Interest List
Subject: [ntdev] offtopic: osronline cert expired?

Chrome started yelling at me that https://osronline.com/ is not secure, i.e. the cert is bogus. Time to renew?

Mark Roddy
— NTDEV is sponsored by OSR Visit the list online at: MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers! Details at To unsubscribe, visit the List Server section of OSR Online at

Mark,
My FF51 tells me the cert is for “www.osronline.com”, your original message talks about “https://osronline.com/” (without the www. bit).

Could you just have a bad bookmark?

On Mon, 20 Feb 2017, xxxxx@attryde.com wrote:

Mark,
My FF51 tells me the cert is for “www.osronline.com”, your original message talks about “https://osronline.com/” (without the www. bit).

Could you just have a bad bookmark?

It is not a bad bookmark if you get a cert error instead of “server not
found”. However you are right that the error only ocurs if you skip the
www prefix (witch osr has configured it server to allow so its still an
error)

Bo Brantén

Well whatever the reason, it was working just fine last week. Having had
several unfortunate experiences lately I am a bit paranoid about what I
connect to on the vast criminal enterprise known as the internets.

Mark Roddy

On Mon, Feb 20, 2017 at 1:39 PM, Bo Branten wrote:

> On Mon, 20 Feb 2017, xxxxx@attryde.com wrote:
>
> Mark,
>> My FF51 tells me the cert is for “www.osronline.com”, your original
>> message talks about “https://osronline.com/” (without the www. bit).
>>
>> Could you just have a bad bookmark?
>>
>
> It is not a bad bookmark if you get a cert error instead of “server not
> found”. However you are right that the error only ocurs if you skip the www
> prefix (witch osr has configured it server to allow so its still an error)
>
> Bo Brantén
>
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list online at: http:> lists.cfm?list=ntdev>
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and
> software drivers!
> Details at http:
>
> To unsubscribe, visit the List Server section of OSR Online at <
> http://www.osronline.com/page.cfm?name=ListServer&gt;
></http:></http:>

Should be fixed. You may now return to feeling safe and protected.

-scott
OSR
@OSRDrivers

“Mark Roddy” wrote in message news:xxxxx@ntdev…
Chrome started yelling at me that https://osronline.com/ is not secure, i.e.
the cert is bogus. Time to renew?

Mark Roddy