Closed khinsen closed 5 years ago
Yes. It is a common error. People who owns the eth.link tld provides the ssl certificate however browsers do not like that at all. This wildcard certificate is too widely opened and not restrictive enough. Ipfs companion and metamask handle it properly though as you're redirected to an https ipns URL with no complain. Thanks for your report.
On Thu, 3 Oct 2019, 15:26 Konrad Hinsen, notifications@github.com wrote:
Access to https://tiddly.bluelightav.eth.link/ causes a certificate error in all browsers I tried. Here is the error message from Brave:
This server could not prove that it is tiddly.bluelightav.eth.link; its security certificate is from *.eth.link. This may be caused by a misconfiguration or an attacker intercepting your connection.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/xmaysonnave/tiddlywiki-ipfs/issues/2?email_source=notifications&email_token=AE47PBEU57GDP3GX66D763TQMW6VJA5CNFSM4I5A4732YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HPLM64A, or mute the thread https://github.com/notifications/unsubscribe-auth/AE47PBGRBVYQUL243KUHW73QMW6VJANCNFSM4I5A473Q .
Indeed. Content addressing makes so many security issues simply disappear.
I'm closing this ticket as the issue is not related to this plugin but the way EthDNS is handling their eth.link TLD. I've updated the link to https://tiddly.bluelightav.eth but Metamask is required. Plain HTTP is working though. Thanks
Sounds fine, thanks!
Access to https://tiddly.bluelightav.eth.link/ causes a certificate error in all browsers I tried. Here is the error message from Brave: