Threaded Mode | Linear Mode

***Kye-U*** · (This post was last modified: Feb. 18, 2016 10:35 PM by Kye-U.)

Leveraging ~~CloudFlare's~~ Let's Encrypt's SSL certificate ~~in combination with a self-signed certificate~~, you now have an option of perusing TUOPF over an encrypted connection Thumbs Up

UPDATE: I have moved to Let's Encrypt for true end-to-end secure connections between your browser and my host.

Simply browse to/bookmark https://www.prxbx.com/forums or click on the "Use HTTPS" button at the top-right corner of every page.

You will know you're browsing securely if you see the lock icon appear in the header logo and the "Use HTTPS" button disappears.

[Image: wX1pnNL.png]

Benefits of HTTPS: http://mashable.com/2011/05/31/https-web-security/

SSL Test Results: https://www.ssllabs.com/ssltest/analyze....Results=on

Greyhat Harry · Jan. 24, 2016, 02:54 AM

Hello there Kye-U.

Given that ProxHTTPSProxy and variants are in essence locally hosted projects, would it be possible (or even at all practical) to generate a certificate that's sufficiently compatible with them? I keep getting a "417: SSL Certificate Failed" with ProxHTTPSProxyMII v1.3.1

Thanks for your time and sorry about any inconvenience.

***JJoe*** · Jan. 24, 2016, 05:09 PM

(Jan. 24, 2016 02:54 AM)Greyhat Harry Wrote: I keep getting a "417: SSL Certificate Failed" with ProxHTTPSProxyMII v1.3.1

I don't see this.
Where is the error reported?
Have you modified "cacert.pem"?

Greyhat Harry · Jan. 24, 2016, 07:37 PM

. Reported by both browser and ProxHTTPSProxyMII alike.
. cacert.pem being used has the same crc32 as the original from the zip.

***Kye-U*** · (This post was last modified: Feb. 18, 2016 10:52 PM by Kye-U.)

Hi Greyhat Harry,

I have migrated prxbx.com from using CloudFlare to Let's Encrypt as our SSL provider. Could you please let me know if you're still running into the issue you mentioned? Thanks!

Greyhat Harry · Feb. 22, 2016, 06:45 PM

Nope, seems to be working ok now!

Yet there's something else I've noticed: specifically when accessing threads (say this one), the https connection status is reported to be unsafe by the browser. It just changes from safe to unsafe and vice versa for no apparent reason.

Thanks for having looked into this anyways Smile!

***Kye-U*** · (This post was last modified: Feb. 23, 2016 09:04 PM by Kye-U.)

(Feb. 22, 2016 06:45 PM)Greyhat Harry Wrote: Nope, seems to be working ok now!

Yet there's something else I've noticed: specifically when accessing threads (say this one), the https connection status is reported to be unsafe by the browser. It just changes from safe to unsafe and vice versa for no apparent reason.

Thanks for having looked into this anyways

Great to hear!

Yes, that happens on some pages. For example, in this thread there is an embedded image reference to http://i.imgur.com/wX1pnNL.png. That is a warning saying there is a mix of secure (https) and insecure (http) elements. The more important fact is that you can rest assured that your credentials are not being sent/received in plaintext Smile!