So just tried to browse a book mark on this forum and got blocked by Google Chrome stating that this website has been compromised. I tried again on other browsers Microsoft Edge, Firefox and get various Certificate Errors and other notices that prompt me to leave.
Forums are not Secure. Certificate Error.
The SSL cert has expired at the end of May 4th, and just needs to be renewed. No idea how to raise the alarm for their admins to address though.
Yeah, this is happening to everyone.
FFG hasn't been compromised.
However the certificate for community.fantasyflightgames.com expired on Saturday, May 4, 2019 at 2:00:00 PM GMT+2.
It will probably be fixed tomorrow after the weekend once people are at work again
Well I still get it, so did they forget to pay their taxes to Microsoft/Google? How does an expire certificate cause a security vulnerability?
Well they haven't renewed the certificate yet.
Microsoft/Google is not involved in this process.
FFG seems to gets their certificates from Amazon, which in turn gets their intermediate CAs from the Starfield Services Root CA.
It doesn't cause a security vulnerability.
You browser simply warns you that the page you're visiting may not be provided by the server which claims to be FFG.
16 hours ago, Marinealver said:Well I still get it, so did they forget to pay their taxes to Microsoft/Google? How does an expire certificate cause a security vulnerability?
Valid certificates are a proof of trust that the owners of the site you are visiting are who they say they are. An expired certificate in itself is not itself a vulnerability but can suggest that a vulnerability exists.
At the very least, probably good to not communicate sensitive information, personal information, etc, through a site with a bad cert. I wouldn't suggest sending that kind of info through a fan-forum anyway, though.
Well I stopped getting those warnings so looks like they fixed their certificate.
55 minutes ago, Marinealver said:Well I stopped getting those warnings so looks like they fixed their certificate.
Yep. But we'll see this again next June.