« previous next »
Pages: [1]

Author Topic: https issues  (Read 17756 times)

Vikograd

  • Newbie
  • *
  • Posts: 39
  • :)
    • View Profile
https issues
« on: December 17, 2023, 02:56:51 PM »
Hey, I just wanted to let the staff know that the forum doesn't want to load if the browser automatically attempts to upgrade the connection to https. It will definitely put new members off when they're greeted with a big fat security warning from their browser, so turning this site https would probably be for the better.
Logged

gmestanley

  • Newbie
  • *
  • Posts: 6
    • View Profile
    • gmestanley
Re: https issues
« Reply #1 on: January 14, 2024, 02:33:11 PM »
I definitely thought it was odd that a website that managed to survive to this day still uses only HTTP, but I figure maybe it's just a limitation with the host being used. I mean I thought people didn't care about this forum anymore (at first) but there's still posts from NRS in 2024 so
Logged

Kerpullie

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: https issues
« Reply #2 on: November 08, 2025, 06:50:02 AM »
It looks like bootleg.games does have port 443 (HTTPS) open, but it uses some sort of weird certificate that's not only expired, but also doesn't match the domain:
Code: [Select]
$ openssl s_client -connect bootleg.games:443
Connecting to 23.229.205.73
CONNECTED(00000003)
depth=0 CN=old.scarlettscott.com
verify error:num=18:self-signed certificate
verify return:1
depth=0 CN=old.scarlettscott.com
verify error:num=10:certificate has expired
notAfter=May 19 06:28:13 2022 GMT
verify return:1
depth=0 CN=old.scarlettscott.com
notAfter=May 19 06:28:13 2022 GMT
verify return:1
---
Certificate chain
 0 s:CN=old.scarlettscott.com
   i:CN=old.scarlettscott.com
   a:PKEY: RSA, 2048 (bit); sigalg: sha256WithRSAEncryption
   v:NotBefore: May 19 06:28:13 2021 GMT; NotAfter: May 19 06:28:13 2022 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEgDCCA2igAwIBAgIFALbgLtkwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UEAwwV
b2xkLnNjYXJsZXR0c2NvdHQuY29tMB4XDTIxMDUxOTA2MjgxM1oXDTIyMDUxOTA2
MjgxM1owIDEeMBwGA1UEAwwVb2xkLnNjYXJsZXR0c2NvdHQuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QlZ9d33QfwnzJ8R+Wtl5yXmJRTg152C
I2JKSEmH1kcMnDmunO6VXKmtlwV31beUkOQ3Gb6P5OKU98NO17+Dp/gyQZUWjgc2
pM+nbtlgnvCXTOszBpwWFxF8VIGgnTwVj2aFT7BibJn0IYfv86pS3aQASCK9Tdon
VdlHHJ/batDbx9N3633IeqXkRahTcpahm/9yBGsP5svHhP4WI0cmUPUTDRnVDshu
hiGtka6ZRn4CEixNBQfdmNcpSoJgecnKmGg/xdvQVgvfrRE4cS1QCE4Nw5eBnZ4+
hOv87jAJ9XS+YhdnojfjiXFud5GCAb9GhXhDZk0hQ2oLe69jOr/slQIDAQABo4IB
vzCCAbswHQYDVR0OBBYEFHWBrkwQIQTdweJ/WgzzM+T/oO78MAkGA1UdEwQCMAAw
TAYDVR0jBEUwQ4AUdYGuTBAhBN3B4n9aDPMz5P+g7vyhJKQiMCAxHjAcBgNVBAMM
FW9sZC5zY2FybGV0dHNjb3R0LmNvbYIFALbgLtkwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMIIBIAYDVR0RBIIBFzCCAROCFW9sZC5zY2FybGV0dHNjb3R0
LmNvbYIabWFpbC5vbGQuc2NhcmxldHRzY290dC5jb22CGXd3dy5vbGQuc2Nhcmxl
dHRzY290dC5jb22CHGNwYW5lbC5vbGQuc2NhcmxldHRzY290dC5jb22CHXdlYm1h
aWwub2xkLnNjYXJsZXR0c2NvdHQuY29tgh13ZWJkaXNrLm9sZC5zY2FybGV0dHNj
b3R0LmNvbYIgY3Bjb250YWN0cy5vbGQuc2NhcmxldHRzY290dC5jb22CIWNwY2Fs
ZW5kYXJzLm9sZC5zY2FybGV0dHNjb3R0LmNvbYIiYXV0b2Rpc2NvdmVyLm9sZC5z
Y2FybGV0dHNjb3R0LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEALKDWNUpnWnrNtg1Y
2Uut8aB98U25M6vYaaCZtId6O2BSkmNy3RCnCj01nNg1JqB3kmxINuV5X+2FiVbB
oIFt2/7AlsL4dWQ/HLth5rz5I34B7shhFIu1PKx7yIDG0CCAbirsK8/iJJPL2QWk
2SyviHfV1jBHlrRDVvetmfis1k23l080P7xN5DGfil1FCABLgquQqi91RSBfnJzb
NgqaXDyHaNegQWtWxTnf5kNQ7KK4jK6B4noxzk+N8WBLQ2UnH2soNEdoFPeWCR+s
w4iiVP8uGt3+KXnfuKGNA+GKdo4SWMTU+WyClzenXPxuT2t5mBFjBicPPBK1rNzB
OdzNxA==
-----END CERTIFICATE-----
subject=CN=old.scarlettscott.com
issuer=CN=old.scarlettscott.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: rsa_pss_rsae_sha256
Peer Temp Key: X25519, 253 bits
---
SSL handshake has read 1813 bytes and written 1637 bytes
Verification error: certificate has expired
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Protocol: TLSv1.2
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: A21AE00720E48B0352D5381CC17C5FB2FF3DC77E0F92D108C45CC1EF379A3AE4
    Session-ID-ctx:
    Master-Key: F8D89B0A63FA22443D0310996C168DBF8D82823235683DCF7ADD0B21F1CE143EC6FADB88913AB427E3700D689CF5469A
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 80 c6 01 90 e4 6d 80 be-a2 8c 25 40 6e 5d 4f 18   .....m....%@n]O.
    0010 - 68 32 d1 84 aa d3 a8 20-65 c7 9f 3d 37 da 09 a3   h2..... e..=7...
    0020 - e1 ec 88 3c 9a 41 28 db-e9 da 49 48 0d e4 3b 07   ...<.A(...IH..;.
    0030 - b7 8b 69 fb b5 89 da db-22 9e 64 95 95 12 26 58   ..i.....".d...&X
    0040 - 21 e5 b6 29 e9 52 43 14-4e 93 a2 3f 52 14 cb 46   !..).RC.N..?R..F
    0050 - 06 7b 90 56 59 85 2e f4-8c 96 9a b5 74 a8 49 7a   .{.VY.......t.Iz
    0060 - 77 82 c5 c3 53 51 10 35-19 32 9b 8b af ba 69 bb   w...SQ.5.2....i.
    0070 - a2 fe 10 3c 7e 2c c9 04-23 84 78 ca 93 fe a2 e0   ...<~,..#.x.....
    0080 - 48 cf 42 de 42 ef 7a 81-c8 ed d4 17 ad 31 9c ae   H.B.B.z......1..
    0090 - 56 4d a9 2b ff 0e d2 c6-4b 03 34 ed 04 a1 2c bd   VM.+....K.4...,.
    00a0 - cd 00 69 81 1f 52 c4 08-74 93 83 8b 6e b0 d9 32   ..i..R..t...n..2
    00b0 - 0e 63 64 93 13 ca 25 5c-45 7e 81 e9 59 21 53 67   .cd...%\E~..Y!Sg

    Start Time: 1762602451
    Timeout   : 7200 (sec)
    Verify return code: 10 (certificate has expired)
    Extended master secret: yes
---

But still, I do not get why this is not a higher priority issue for the forums. It takes only one MITM'd connection for someone to sniff out your session token or your login details and compromise your account, and also setting up HTTPS is free and pretty easy these days (with Let's Encrypt and ACME clients like certbot)
« Last Edit: November 08, 2025, 07:02:52 AM by Kerpullie »
Logged
Pages: [1]
« previous next »