SSL?

[Scott Greczkowski]

Well folks...

I got notified by Tapatalk that we need to convert SatelliteGuys to SSL by January 1st or the site will no longer work with Tapatalk or our custom SatelliteGuys Reader software.

So I need to figure how to add SSL into the mix and fast!

I am hoping that we can have users continue to use http and https when all is said and done.

I am worried about what this will do to our ad revenue, and I don't want a bunch of secure / insecure warnings because of the ads or because of embedded media we have here on SatelliteGuys (such as pictures and videos)

Wish me luck!

 

[navychop]

Lottsa luck!

Frankly, I am surprised it hasn't hit sooner. I expect most sites will have to make the move.

 

[n0qcu]

in that case DROP tapatalk

 

[harshness]

in that case DROP tapatalk

Tapatalk seems to be one of the more high-maintenance features and has demanded some compromises from time to time. Those who use it effectively (other than for one word comments or liking everything that comes along) should weigh in.

The real issue with using secure communications is the proxy and cache servers having to be set up as Man In The Middle and that's a very sticky wicket. It is one thing when your forum is confined to servers at a single location and something different entirely when your using a combination of distributed proxies, caches and servers.

 

[navychop]

SSL is spreading, Tappy or not. Sign of the times.

 

[Scott Greczkowski]

Well got SSL installed (for Tapatalk only...) Let me know if you see any issues in Tapatalk or our App.

But just also got notice that of as of January 1st, websites that do not have SSL working will have their login screens flagged with an alert that the login is unsecure on Google Chrome...

Before I make SSL working for everything we have a few issues... one being all of our java and images are stored on cloud servers... not sure how to get them from reporting that those things are insecure. Second are the ads... how to get them show as SSL when someone is connected with SSL and non SSL when the user is just using http...

I feel what is remaining of my hair may be on my desk soon ripped from my head.

 

[Foxbat]

Just about every site I use is SSL/TLS now, except for this one and the Ford Escape Owners site. I think it's a good move.

 

[harshness]

Second are the ads... how to get them show as SSL when someone is connected with SSL and non SSL when the user is just using http...

No can do, but it may not be necessary as long as the underlying HTML page that references them is "secure". Otherwise, there must be some manner of MITM to put a TLS wrapper around them.

In the grand scheme, I see that many of the ads themselves have HTTPS links associated with them so I imagine that wrapped versions are available.

Perhaps not obviously, when we say SSL, we're typically talking TLS as most modern browsers now disable SSL by default in favor of TLS.