If you can read this...

[Vance Wood]

Every time we go through something like this it's like being glued to a toilet seat.

 

[Bonsai Nut]

Every time we go through something like this it's like being glued to a toilet seat.

I am pretty sure it has to do with the SSL certificate being self-signed. I have an order queued to install a new certificate. Because we are dealing with a 3rd party it will take a while for it to get implemented. Hopefully be complete when I wake up in the morning.

Not sure why this suddenly became such an immediate issue; it wasn't causing problems prior to the migration. I have some ideas, but let's just hope the new certificate being installed will take care of the problem.

At any rate... once this is taken care of we will be in much better shape going forward.

 

[Traken]

I am pretty sure it has to do with the SSL certificate being self-signed. I have an order queued to install a new certificate. Because we are dealing with a 3rd party it will take a while for it to get implemented. Hopefully be complete when I wake up in the morning.

Not sure why this suddenly became such an immediate issue; it wasn't causing problems prior to the migration. I have some ideas, but let's just hope the new certificate being installed will take care of the problem.

At any rate... once this is taken care of we will be in much better shape going forward.

Yeah, that’s always the hassle with self signed. They’re never “trusted” because they don’t come from a certificate authority, even if they’re still secure. Ah, the joys of ssl.

 

[Vance Wood]

Yeah, that’s always the hassle with self signed. They’re never “trusted” because they don’t come from a certificate authority, even if they’re still secure. Ah, the joys of ssl.

I understand; ass holes have to abide by the law but they still try to insist that you do things their way and pay them for the privilage.

 

[Traken]

I understand; ass holes have to abide by the law but they still try to insist that you do things their way and pay them for the privilage.

It’s not really a legality thing as much as trying to create a semblance of organization. You can generate your own security certificate for a server/site, but since anyone can make one, technically someone could do something malicious. There are a handful of official certificate authorities that can generate trusted certificates, which makes sense. It just sucks because you have to pay and wait for one, when it takes no time or cost to generate your own.

 

[Cable]

Oh good we're back. Was getting SQL errors all morning. I felt so alone...

lmao, thanks for all your hard work on this migration, Greg.

 

[Anthony]

Have to click through warnings on every page - bother.

 

[Bonsai Nut]

We have the security certificate issue resolved... but it will take up to 48 hours for the new security certificate to be installed on the site. Weekends tend to take longer because not too many people are working. Note that we are not changing a THING to the site - just the security certificate that says the site is "safe", LOL. So the site is safe... I just have to go through a third party to get the security certificate.

We had a separate issue with the daily site backups being copied to our fast (expensive) SSD storage, instead of our slow (less expensive) archive storage. Since the site backups include all the images, they are about 65 GB each, and quickly brought our SSD to its knees. That was the problem that crashed the site this AM I guess that is just proof that I am backing up the web site, LOL!

 

[Lazylightningny]

We have the security certificate issue resolved... but it will take up to 48 hours for the new security certificate to be installed on the site. Weekends tend to take longer because not too many people are working. Note that we are not changing a THING to the site - just the security certificate that says the site is "safe", LOL. So the site is safe... I just have to go through a third party to get the security certificate.

We had a separate issue with the daily site backups being copied to our fast (expensive) SSD storage, instead of our slow (less expensive) archive storage. Since the site backups include all the images, they are about 65 GB each, and quickly brought our SSD to its knees. That was the problem that crashed the site this AM I guess that is just proof that I am backing up the web site, LOL!

I got a little freaked out when I was unable to get up on the site on any of my devices, despite my best efforts. Then I figured you must be working on it, and decided to check back in later. Voila!, works fine now. Thanks for all your hard work.

Where is the money coming from for the switchover? I'm sure it wasn't free

 

[CasAH]

Safari finally let me in on my phone today, I could get in on my iPad yesterday.

Thanks for all you do Greg.

 

[Bonsai Nut]

I got a little freaked out when I was unable to get up on the site on any of my devices, despite my best efforts. Then I figured you must be working on it, and decided to check back in later. Voila!, works fine now. Thanks for all your hard work.

Where is the money coming from for the switchover? I'm sure it wasn't free

It's not free. It's going to cost $1000 more per year. That's why I ask for donations

 

[Admin]

Continuing software upgrades. Do not be alarmed.

 

[Lazylightningny]

Every time we go through something like this it's like being glued to a toilet seat.

Yeah, I hate when that happens.

 

[Lazylightningny]

It's not free. It's going to cost $1000 more per year. That's why I ask for donations

p.s. I tried liking this statement, but my like buttons are missing.

 

[Admin]

Fancy new like buttons Make sure you close down your browser window(s) and reload the site. I made a lot of changes in the last few hours.

 

[Bonsai Nut]

All software has been updated / upgraded. We are running newest versions of everything.

There were some minor unavoidable formatting changes (like we lost our fancy bonsai leaf icons) so I will be changing those... as well as any other glitches that I find.

 

[WNC Bonsai]

Every time we go through something like this it's like being glued to a toilet seat.

I can honestly say I have never experienced that situation!

 

[Orion_metalhead]

We have the security certificate issue resolved... but it will take up to 48 hours for the new security certificate to be installed on the site. Weekends tend to take longer because not too many people are working.

Oh man, that means that I will have to actually work tomorrow and tuesday instead of just browsing BNut all day waiting for the time-clock to run it's course.

 

[Bonsai Nut]

It’s not really a legality thing as much as trying to create a semblance of organization. You can generate your own security certificate for a server/site, but since anyone can make one, technically someone could do something malicious. There are a handful of official certificate authorities that can generate trusted certificates, which makes sense. It just sucks because you have to pay and wait for one, when it takes no time or cost to generate your own.

Exactly. I had a process in place to use and update a self-signed certificate long before it was required... because it was fast and convenient and SAFER than using an outside party. If you Google the "risk" associated with using a self-signed certificate, you won't find one. The only "risk" is a "perceived risk" because browser companies "don't like them". I have yet to read about a SINGLE security issue related to using a self-signed certificate.

However there is a REAL risk associated with using a certificate authority (CA) to obtain your certificate. You are basically adding another party to the security of your site. If they get compromised - ALL THE SITES that they provide certificates for are compromised. This is why many organizations use self-signed certificates for internal communications - they aren't allowing anyone into their security infrastructure. I guarantee you the CIA or Defense Department isn't using an outside party to provide the security certificates for their online traffic

What say do I (as a web site owner) have in it? None. The browser oligopoly determines what security they want me to use - and will send alarmist messages and/or block access to my site if I disagree, even if my security is as good - if not better - than what they require.

 

[Traken]

Exactly. I had a process in place to use and update a self-signed certificate long before it was required... because it was fast and convenient and SAFER than using an outside party. If you Google the "risk" associated with using a self-signed certificate, you won't find one. The only "risk" is a "perceived risk" because browser companies "don't like them". I have yet to read about a SINGLE security issue related to using a self-signed certificate.

However there is a REAL risk associated with using a certificate authority (CA) to obtain your certificate. You are basically adding another party to the security of your site. If they get compromised - ALL THE SITES that they provide certificates for are compromised. This is why many organizations use self-signed certificates for internal communications - they aren't allowing anyone into their security infrastructure.

What say do I (as a web site owner) have in it? None. The browser oligopoly determines what security they want me to use - and will send alarmist messages and/or block access to my site if I disagree, even if my security is as good - if not better - than what they require.

Not to mention the fact that it's kinda insulting that you have to pay to buy a certificate, just to make sure browsers allow people in. It's almost like holding your site hostage. heh.