YES, WE KNOW THERE'S A SITE PROBLEM!

Dearest forum members,

On Saturday afternoon/evening/night, depending on your time zone (it was 4pm for me) at precisely 00:00 UTC, the security certificate for TMSwiki.org expired.

OOPS!

Forest renewed the certificate almost immediately (on the address bar, if you click the red shield or the lock with the red slash you can get to the updated information) but there are still issues, notably the security warnings whenever any tmswiki.org URL is accessed.

The bottom line is that our server software is pretty far out of date and and needs to be updated to the latest version and many parameters completely worked over to comply with the updates.

Unfortunately this is going to take time. Other than the insecure connection, the forum is still fully operational at this time, and I am logging in because the only sensitive information we enter is our forum password (and of course mine is, as yours should also be, completely unique for this site and not used anywhere else). However this is a personal decision on my part, and I can't encourage or expect others to follow. I'll keep an eye out for any suspicious posts, but that's something that I and several other alert folks already do (that's what the Report link is for at the bottom of every post).

This article from LifeWire is very informative - a few of the steps are not applicable since we know the issue is on our side, but be sure to read through to the end for the bottom line advice.
https://www.lifewire.com/how-to-fix-connection-not-secure-error-4176358 (Here's How to Keep Your Browsing Safe on Firefox, Chrome, and More)
Update: the article recommends a browser add-on called HTTPS Everywhere, but apparently that is obsolete because browsers now have that option within their own settings. Here's a link to an article which explains how to enable that mode in your browser: https://www.eff.org/https-everywhere/set-https-default-your-browser (Set Up HTTPS by Default in Your Browser)

For now, please stay tuned and keep your fingers crossed and keep checking in. Forest will be providing more technical information and details.

 

Update: the article recommends a browser add-on called HTTPS Everywhere which encrypted your information even on insecure sites, but apparently the add on is obsolete because browsers now have that option within their own settings. Here's a link to an article which explains how to enable that mode in your browser: https://www.eff.org/https-everywhere/set-https-default-your-browser (Set Up HTTPS by Default in Your Browser).
I've found that setting in Firefox on my PC and enabled it successfully.

 

Hi Jan, did that help for you? HTTPS Everywhere was a popular addon in tech circles some years back, but its features are different than the problem we're now having. Our server is configured to redirect all traffic to be encrypted (HTTPS) already. The problem is that the data that we use to encrypt the data is created by us rather than from an external authority.

With that said, if it has a side effect that makes it easier for you to view the site, all the better...

The real solution will come in updating our software, as described here:
https://www.tmswiki.org/forum/threads/getting-the-the-forum-back-up-and-running.27765/#post-143685 (Getting the the forum back up and running)

 

Thanks for that explanation, @Forest! I was really just looking for reassurance that we can all safely navigate the forum in spite of the warnings, and your explanation has done the trick. I don't think there was a change in behavior , but I only did that on one of my browsers on my PC, and so far I have not found a similar setting in my Edge browser on my phone - and now I probably won't bother .

On my PC yesterday I was still sometimes (it felt quite random) getting a security warning blocking my access, but now I'm just hitting Advanced and overriding it.

 

Hey @Forest - it looks like you got third-party verification for the certificate! No more URL security warnings!