Ssl certificate not valid

[Anthony Meaney]

Am getting a warning when I log in that the certificate isn't valid. anyone else experiencing this?

[Greg Mihalik]

Yes.

Grant a permanent exception.

[Ken Larson]

YEP…Microsoft alerted me also last night.
IGNORED and signed in.

BPL ISSUE?

[Anonymous]

This site has been sold to the Chinese behind closed doors.

Just kidding.

[Daniel Pittman]

Yeah! Someone's going to break into my hard drive and eat all my cookies!

[Jeremy and Angela]

Firefox says the certificate expired on 8/28/13 4:59 PM. Not ideal, but it's not as if the certificate magically goes bad once the clock runs out.

[Anonymous]

I hope for your sake it's not Cookie Monster, because if it is, nothing, not even God, can save you now.

[Bob Bankhead]

[EndoftheTrail]

No warning whatsoever from my Chrome browser. I am suddenly feeling naked, exposed, vulnerable…

[Anonymous]

Hmmm, i got a warning from my chrome browser. Hey, let your naked, sexy self shine unabashed.

[Rex Sanders]

BPL's SSL certificate has expired, and your browser might be warning you about this problem.

Short version: Tell your browser to trust BPL's expired SSL certificate, but don't do that routinely, especially for more important web sites, like your bank.

Longer version:

What does this mean? What should you do about this? What should BPL do about this?

SSL encrypts information between your browser and a web site to prevent snooping by most Bad Guys. SSL typically protects your username and password as you login, and other critical information like credit card purchases, bank account information, and email. This is A Good Thing.

For SSL to work properly, the web site (BPL) needs to buy an SSL certificate from a widely recognized authority. SSL certificates have an expiration date. BPL's has expired. Likely, someone forgot to renew.

An expired SSL certificate still encrypts your username and password, it's just less "trustworthy" in some theoretical sense. I've used expired SSL certificates on many internal systems for many years.

You can tell your web browser to trust the expired BPL SSL certificate, and move on to worry about more important things, like how many cups of water you can boil on one Esbit tablet under perfect lab conditions :-)

HOWEVER – you should NOT routinely ignore SSL warnings from your web browser, and blindly trust whatever comes along. Bad Guys might be impersonating something important, like your bank or email provider.

BPL should renew their SSL certificate, so we, the paying customers, don't have to deal with this nonsense. SSL certs are as cheap as $10 per year.

For the uber-security geeks out there: Yes, I dramatically simplified a complex situation, and you might disagree with my recommendations. Consider using this as a teaching moment for non-security geeks, rather than flaming me with trivia.

— Rex

[Q Smith]

I started getting that notice about a week ago

[Adam Klags]

Has anyone from BPL recognized this and begun to renew? I think its kind of important to have the SSL certificate current, no?

[Ken Thompson]

Look at the bottom of the page. The copyright is expired also.

[Bob Bankhead]

Copyright and Ssl certificates both expired? Ryan obviously isn't paying much attention to the website right now. What are the odds that he will remember to renew the BPL.com domain name before it expires?

I suggest that this is probably an excellent time to copy and save any of the articles/reviews/etc. that you really want to keep before BPL suddenly disappears.

Forewarned is forearmed.

Victory favors the prepared.

[Ken Thompson]

"What are the odds that he will remember to renew the BPL.com domain name before it expires?"

I know some would jump on that so quick.

[Rex Sanders]

Current registration expires over five years from now:

Domain Name: BACKPACKINGLIGHT.COM
Updated Date: 03-jul-2012
Creation Date: 16-nov-2000
Expiration Date: 16-nov-2018

And judging from the BPL Contact link on every page, everyone at BPL is out having fun:

"We are currently upgrading our support system and online support will not be available until early September."

"Until our new support system is online and our staff is back in the office this fall, please direct your support request via mail to: Backpacking Light / ATTN: CSS / 1627 W Main St Ste 310 / Bozeman MT 59715."

So maybe everything will be fixed in a few weeks.

— Rex

[Nick Gatel]

"So maybe everything will be fixed in a few weeks."

We are all confident that you are correct.

[Ken Thompson]

"So maybe everything will be fixed in a few weeks."

That's the spirit Rex.

uncontrolled laughter from the peanut gallery..

[Ken Larson]

E-Mailed Ryan and Stephanie concerning the SSI issue. Reply from Stephanie is as follows:
"Thanks Ken. Yes, the issuing company is working on it – we had a business name change last year and this glitch is causing them to delay. Should be about a week."

[Bob Bankhead]

Thanks, Ken.

That's the first positive sign that someone is actually responding to member concerns.

[Travis Leanna]

Hmmm, it expires in November 2018, close to my birthday. Looks like someone's getting a domain name for his birthday!

[Rex Sanders]

The BPL SSL certificate was fixed on September 15, expires October 16, 2014.

— Rex

[Author]

Posts