Fix Your Certificate.

Shows up every few days when I visit.

I don't know the exacts of why this happens; But, I noticed this when I was saving ffxiah.com as the link on my default tab for chrome. Once I updated the url to https://ffxiah.com it fixed this for me.

Yeah, they renewed the certificate two days ago.

If it shows not secure, probably is some cache. Clearing cache should fix this.

On the other side….. SE official site says there is no certificate at all.

Anyone else seeing this error?

POL's website was never actually secure, it's never had a cert, it's only become more noticeable recently since browsers started showing any site without one as suspicious.

just want to say here that certificate on https://ffxiah.com expired on 25 june
a recent certificate is in place on https://www.ffxiah.com
a redirection from https://ffxiah.com to https://www.ffxiah.com is in place, but unfortunately, this occurs after the browser display an error

They use certificate with 2~3 months validity.

It must be annoying to keep doing the recycle unless automatic?

it's right, i didn't see it first : it's a 3 months validity on https://www.ffxiah.com
i guess it's let's encrypt model

but on my phone, to be speedy, i did https://ffxiah.com and got an error because the certificate has not changed on this page

i also want to say that redirection from http://ffxiah.com to https://www.ffxiah.com is correct

Lets Encrypt does that whole super short certificate thing, though they also provided scripts and an API for automatically renewing it.

isn't cloudflare much simple to secure a web server with ssl if you don't own a certificate ?
with the free version, you can use their certificate AND hide public IP of your server, have a minimal ddos protection, analytics, no need to have to modify your server setup

Umm that's not quite how that works...
To use CF to do SSL termination that way, there are other non-trivial steps involved, chiefly getting adjacency to the CF network or some other way to get secure transfer between CF and your servers.

yet, i did this years ago to secure a personal web server

• let's encrypt : complicated to modify conf (for me), need to schedule a task (which i know will fail sooner or later if i not actively monitor it)

• cloudflare : you only have to transfert them your DNS resolving then you block anything to your web server which is not coming from cloudflare IP

i spent multiple days reading tutorials on apache/linux/mod rewrite... with no result
i spent only some hours with cloudflare

No you didn't. You can sputter and rant, but you didn't teleport bits from CF infrastructure to your personal infrastructure.

<User> --SSL-- <CF Proxy> --no encryption-- <Web Server>

It's that second half that becomes the problem, and if you struggled with something as simple as openssl and httpd, then there is no way you figured out network adjacency, site to site VPNs, or the various other tricks to handle that intermediate step.

No what you did was likely way worse, you had all the web traffic from the CF proxy to your personal web server traverse the public internet unsecure.

you're right, there is an unsecure part, but i know this.

maybe i labeled it wrong : to be clear, i didn't secure the web server with ssl

Sending stuff like usernames, passwords, private messages and such unencrypted over the public is very very bad. Like on the top five list of things you do not do, right next to use default admin credentials.