xmaysonnave / tiddlywiki-ipfs

IPFS with TiddlyWiki
https://bluelightav.eth.link
GNU General Public License v3.0
55 stars 8 forks source link

Certificate error for tiddly.bluelightav.eth.link #2

Closed khinsen closed 5 years ago

khinsen commented 5 years ago

Access to https://tiddly.bluelightav.eth.link/ causes a certificate error in all browsers I tried. Here is the error message from Brave:

This server could not prove that it is tiddly.bluelightav.eth.link; its security certificate is from *.eth.link. This may be caused by a misconfiguration or an attacker intercepting your connection.
xmaysonnave commented 5 years ago

Yes. It is a common error. People who owns the eth.link tld provides the ssl certificate however browsers do not like that at all. This wildcard certificate is too widely opened and not restrictive enough. Ipfs companion and metamask handle it properly though as you're redirected to an https ipns URL with no complain. Thanks for your report.

On Thu, 3 Oct 2019, 15:26 Konrad Hinsen, notifications@github.com wrote:

Access to https://tiddly.bluelightav.eth.link/ causes a certificate error in all browsers I tried. Here is the error message from Brave:

This server could not prove that it is tiddly.bluelightav.eth.link; its security certificate is from *.eth.link. This may be caused by a misconfiguration or an attacker intercepting your connection.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/xmaysonnave/tiddlywiki-ipfs/issues/2?email_source=notifications&email_token=AE47PBEU57GDP3GX66D763TQMW6VJA5CNFSM4I5A4732YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HPLM64A, or mute the thread https://github.com/notifications/unsubscribe-auth/AE47PBGRBVYQUL243KUHW73QMW6VJANCNFSM4I5A473Q .

khinsen commented 5 years ago

Indeed. Content addressing makes so many security issues simply disappear.

xmaysonnave commented 5 years ago

I'm closing this ticket as the issue is not related to this plugin but the way EthDNS is handling their eth.link TLD. I've updated the link to https://tiddly.bluelightav.eth but Metamask is required. Plain HTTP is working though. Thanks

khinsen commented 5 years ago

Sounds fine, thanks!