- This topic has 1 reply, 2 voices, and was last updated 11 years, 8 months ago by
.
-
Posts
-
Hola all, I need to change my email/etc info and after being hacked, I’m overly cautious – i sent an email to the webmaster here (is that you Scott?) but haven’t received a reply. In using the info for changing here – I’m being told that the certificate for this site expired in 2010 and “someone could be pretending to say they are wlcr.com when they in fact are not” Help!!!! Thanks P.S. don’t send private mail please as I have frozen the other account – ty
1. I never received your email…
2. I don’t necessarily agree with the opinions of each author who contributes article on on my site or our VIP Member comments in the Discussion Forum but, the one and only person who is responsible for the management of this site is me – Scott Oliver
3. We have a few people who can certainly say that they are “recommended” on my site but, the one and only person who is legally authorised to say he represents WeLoveCosta Rica.com is me – Scott Oliver
4. Nobody emails anybody using a WeLoveCostaRica.com email address – only me – Scott Oliver
5. Since I never ask for your credit card details or any other private information, I’m not sure where the “security” risk is…?
6. What “certificate” are you referring to?
Scott
Scott, I use a MAC with safari/firefox browsers. Part of the security options set up include validating “certificates by third parties’ sites” for instance. In 2006 when I joined WLCR.COM the certificate was valid but I haven’t had a need to change anything on my profile/pssd, etc. till now. When I clicked onto “your account” here on your site “to change your account details” safari pop up stated “can’t verify the identity of the website – WLCR.Com” Further it stated the the “certificate for this website is invalid” – “you might be connecting to a website that is pretending to be WLCR.Com” When I click on “show certificate” it shows that under PLESK – “the root certificate authority expired Sat 7/31/2010 at 11:27:44 AM ET” In bold red letters it states: “this root certificate is not trusted.”
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxSSL Error – Certificate Not Trusted
When you access a website through a secure connection, it is a common issue to get a warning that the certificate is not issued by a trusted authority.
The exact warning message you will get depending on your browser is:
Firefox 3 – “The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer)”
Internet Explorer 7 – “The security certificate presented by this website was not issued by a trusted certificate authority.”
Google Chrome – “The site’s security certificate is not trusted!”
Safari – “Authentication failed because the server certificate is not trusted.”
If you get one of the above warnings, this means that your browser does not trust the SSL certificate because it is not signed by a company that the browser recognizes as trusted.The two most common reasons for this warning are:
* The website is using a self-signed/free SSL certificate.
* The website is using a private SSL certificate but it is missing a CA (Certificate Authority) certificate.The solution in the first case is to purchase a private SSL certificate which is issued for the specific domain by a trusted authority.
The solution in the second case is to have the SSL certificate reinstalled with the correct CA bundle. The CA bundle is provided by the SSL vendor and should be included in the private SSL package.
The reason for my concern is just 3 days ago, I allowed a certificate from Microsoft that said it had expired and I was hacked into my email/data accounts – which is being worked on now. I change my emails, psswds, etc. and wanted to do the same here.
Sooooooooooooooooooo, I not a computer super savy person but try to pay attention to the security options I have to protect what I have – I was afraid to allow the expired certificate but can’t change my password without getting in unless u have another option on this site I couldn’t find.
Thanks – Pj
Sounds like just another totally unnecessary money-making scheme..
I won’t be buying “a private SSL certificate which is issued for the specific domain by a trusted authority.”
We’ve seen how well the “trusted authority” concept works out with the various credit rating agencies and our “too big to fail” banks who received $16,000,000,000,000.00 in secret bailouts…
Since I never ask for your credit card details or any other private information about your email accounts or anything else, there is no security risk being a VIP Member of WeLoveCostaRica.com
Thanks for pointing that out though …
Scott
- You must be logged in to reply to this topic.
