SSL Certificate

admin1 · October 2, 2017, 6:41pm

LSC is now SSL enabled. You can now log in to https://www.largescalecentral.com

Cayenne · October 2, 2017, 6:47pm

Thank you O Bob, the benevolent!

Greg_Greg_Elmassian · October 2, 2017, 7:36pm

Thank you Bob…

For all members, be SURE to change your “Favorite” or bookmark to https://www.largescalecentral.com … if you don’t, you won’t be using a secure login, and your password will be transmitted in plain text over the Internet.

You have to update your bookmark/favorite, it won’t do it automatically.

Also, you should see that you are on a secure site, in FireFox for example, there will be a green padlock before the https://www… that shows you are on a secure site AND it is a recognized SSL certificate.

Way to go Bob…

Greg

Cliff_Jennings · October 2, 2017, 8:10pm

Thanks Bob, and thanks Greg for that clarification on what to do.

Rick_Marty · October 2, 2017, 11:52pm

What Cliff said(https://www.largescalecentral.com/externals/tinymce/plugins/emoticons/img/smiley-laughing.gif)

David_Maynard1 · October 3, 2017, 10:30am

What’s wrong with being insecure?

Dennis_Cherry · October 3, 2017, 12:14pm

Nice.

Boomer_K_MOGWAI · October 3, 2017, 3:31pm

Problem in the chat forum.

This morning I reset my bookmark as Greg described. Logged in and walaah I was on the secure site.

Went over to chat to leave a pleasant and friendly comment to the chat server as I often do. Upon hitting the chat button my comment posted and I was returned to the unsecured version of LSC. Still there even as I post this.

admin1 · October 3, 2017, 3:35pm

Boomer Keel MOGWAI said:

Problem in the chat forum.

This morning I reset my bookmark as Greg described. Logged in and walaah I was on the secure site.

Went over to chat to leave a pleasant and friendly comment to the chat server as I often do. Upon hitting the chat button my comment posted and I was returned to the unsecured version of LSC. Still there even as I post this.

Thanks. Ill check it out.

John_Caughey · October 3, 2017, 4:02pm

Firefox is showing a yellow triangle over lapping the padlock, a click reveals that; Connection not secure and ‘images’ are not secure …

?

Edit to say; went green when I returned to home.

on30gn15 · October 3, 2017, 4:11pm

It must just be strange internet day, John.

Railpictures dot net is at the same time:

showing me as logged in

saying I’m not logged in and that I have to log in to see how many new pictures since my last visit

letting me add favorite photos and comment on photos because I am logged in

saying that to view my favorite photos list and/or add to it I have to go log in since I am not logged in

Greg_Greg_Elmassian · October 3, 2017, 4:25pm

I understand a bit about this, having just made my website secure.

https:// showing up and getting a positive indication (for example a green padlock) means you are on a secure site (seeing the https), and the ssl certificate is good (green padlock) and the page has no insecure elements.

when you get the yellow padlock, it normally means that all the above is true, except there are links on the page (in John’s example they are pictures, but they can be ANY links to other places) that are not secure themselves… i.e. at least one link on the page you are viewing is NOT secure.

So, a link to a picture, where the picture is hosted on a non-secure site will make your green padlock go yellow with an exclamation.

There are similar indicators on all modern browsers. Normally you are fine, i.e. the page you are on is secure itself.

It looks like clicking from chat to the forums needs to have the menu internally updated to the https:// home screen… All of this will take some fine tuning on Bob’s part, but the most important thing is the login page, that’s where your entering of your password should be secure. Again, make sure your browser bookmark/favorite is updated to https://www.largescalecentral.com…

By the way, you can scan a webite to find “insecure” or “mixed content” pages with tools like: https://www.jitbit.com/sslcheck/

(I can’t use it on my site ha ha, it only does 200 pages)

Greg

SteveF · October 3, 2017, 6:14pm

In Chrome, I get a green https:, with padlock, on the home and forums pags. When I go deeper, like to Tracks and trestles, the green padlock disappears.

Greg_Greg_Elmassian · October 3, 2017, 6:35pm

Same stuff… interesting though, the whole padlock disappears… does anything still indicate you are on a secure site (other than the https:// still showing?)

I have installed and used Chrome for testing, but I always wind up uninstalling it because of all the baggage it brings… Google world domination…

Greg

admin1 · October 3, 2017, 7:35pm

Ah HA! Its people’s images in their signature… they are http not https, so the browser lets you know that there is insecure content on the page.

Bruce_Chandler · October 3, 2017, 7:45pm

Bob McCown said:

Ah HA! Its people’s images in their signature… they are http not https, so the browser lets you know that there is insecure content on the page.

Wow. That will be darn near impossible to fix. Or is it just as simple as putting our signature files on LSC?

Greg_Greg_Elmassian · October 3, 2017, 7:46pm

We might be able to use https:// references in our signatures… I know that my site, where I store my images, will allow me to reference images by https… I’ll edit my reference… maybe this is also true for our avatars?

… off to the profile page…

Greg

admin1 · October 3, 2017, 8:00pm

I have added a redirect from any http LSC link that should take you to the corresponding https link.

Greg_Greg_Elmassian · October 4, 2017, 3:11am

I bounced around the site, seems to stay in https “mode”…

I did change the reference in my signature picture to an https link.

Greg

Korm · October 4, 2017, 9:31am

when i wanted to change my cookie to https as Greg recommended, i saw, that firefox aparently did the job for me by its own. the URL line now starts with https, without me having changed anything.