Not sure if this belongs here, Mods feel free to remove/move as needed.
I was browsing CMuratori's homepage and some related MR/Handmade sites and it was concerning to me to see that the SSL certificates used on these sites look very phishy.
For example in the chrome browser if you navigate to https://handmadehero.org/ and inspect the certificate information it shows a common name (CN) value of "selectyourgirls(dot)in" with a whole list of SAN (subject alternative names) that are nasty looking.
I would highly recommend switching to Let's Encrypt or some other more reputable type certs for handmade network sites.
Thanks,
- Fred
I was browsing CMuratori's homepage and some related MR/Handmade sites and it was concerning to me to see that the SSL certificates used on these sites look very phishy.
For example in the chrome browser if you navigate to https://handmadehero.org/ and inspect the certificate information it shows a common name (CN) value of "selectyourgirls(dot)in" with a whole list of SAN (subject alternative names) that are nasty looking.
I would highly recommend switching to Let's Encrypt or some other more reputable type certs for handmade network sites.
Thanks,
- Fred
Edited by Fredward
on
You'll need to talk to Casey about that - he's maintaining handmadehero.org domain & website. I believe Handmade Network has no control over that.
Edited by Mārtiņš Možeiko
on
Molly Rocket doesn't host those sites either. Google does (via Firebase). Google procures the SSL certificates.
If you'd like to tell Google how you want them to issue certificates, be our guest :)
- Casey
If you'd like to tell Google how you want them to issue certificates, be our guest :)
- Casey