Need help? Check out our Support site, then


Security Certificates for WP?

  1. I am getting a warning that says the security certificate for WordPress has expired (02.22.08) and as a result, I have to jump through extra step to access my own blog.

    Is there a way to get an updated security certificate to add to my computer?

  2. keitholbermannisevil
    Member

    I started getting this message last night. Thought it would be resolved by today but it still pops up:

    ""wordpress.com" is a site that uses a security certificate to encrypt data during transmission, but its certificate expired on 2/22/08 6.27PM. You should make sure that your computer's time is correct."

    I am using Firefox 1.5.0.11.

    Thanks in advance for your help.

  3. If their security certificate has expired its obviously not safe to blog here anymore!! We should all leave!! Thanks for the heads up guys.

  4. It was renewed - all is fine.

  5. Still getting this error.

  6. The only result of an expired certificate is the warning message you see. SSL connections are still encrypted using the same certificate.

  7. So how do we update the current security certificate? Is it found on the WordPress site?

    Thanks much.

  8. No, it needs to be done on the server. It has been renewed, we're investigating why the expiration message is still showing.

  9. Willing to jump through a few hoops if need, but I am glad I am not the only one getting this message, I thought it was only my computer :)

  10. gotalandmagazine
    Member

    Still getting that message

  11. This has no practical effect on the blogs. Your blog is as safe today as it was last month.

    The single weakest element in the security of your blog is your password.

  12. why even bother having a security certificate then?

  13. WP can easily issue an updated Security Certificate good until 02.22.08. What is the problem?

  14. S/B 02.22.08 to 02.22.09.

    What is the problem?

  15. Same here with me.

    When calling "*******.wordpress.com/wp-admin", Firefox keeps telling me the certificate expired at 02/23/08.
    When clicking continue, it says: certificate can't be validated through OCSP, because the server is busy.

    That's all. Then nothing else happens and I can't login. Login only works when visiting de.wordpress.com and changing to my blog afterwards.

  16. Still getting the warning each time, Feb 28th.

  17. Same here....

  18. ajcmann & horseworks,

    I've been getting this error message since 02.23.08 and as you can see from the responses, some support mouthpiece keeps says "all is fine," and "don't worry."

    Well, all isn't fine and if both Firefox and IE have entire sections devoted to Security Certificate errors, then there is a reason for the message.

    It's clear the problem isn't resolved.

  19. for the record, in this particular case, both tellyworth and Mark were absolutely correct saying that expired certificate had nothing to do with the safety of blogging here.

    the SSL certificate is used here to establish a secure connection during logon procedure only. usually it happens on submitting 'Login' button from the .com frontpage or on the generic Secure login page at: httpS://wordpress.com/wp-login.php

    the nagging message from the user client (browser) was merely a warning saying that the certificate couldn't be validated with the authorities it was issued by, but the connection itself indeed still remained encrypted and thus secure.

    at least, it was far more secure than a login form you're currently getting redirected to from this very fora (if you wasn't logged in to your blog previously) -- because a password is still sent there as a clear unencrypted plain text.

  20. Is there an update on the issue? It's been almost a week now and having that window popping up every time you visit the blog is starting to get really annoying

  21. It was renewed some time ago but we still don't have the new certificate. We'll install it as soon as we do.

  22. Is there an update to this? I'm well aware that the crypto provided by this cert is still the same old SSL that was in use before the cert expired, the problem is that the certificate is used to authenticate the site is the actual site and not someone jacking the connection. In short, it's not the crypto I'm concerned about, it's the authentication the cert provides, which was the primary purpose behind public certificates to begin with.

    It's March 8 now (at least where I live.) Surely the cert has arrived by now? (If not, what's the certificating authorities excuse for taking this long to provide it? Have they ever heard of FedEx?)

  23. They haven't given us an excuse - they're not responding to our requests.

  24. Now I'm getting a message that says 'That the the Certificate has expired' in IE7

  25. No worries. It doesn't matter. The certificate is ok...

  26. secondchancetolive
    Member

    I also received the certificate this morning telling me to make sure the time on my computer was the same as the what the message was telling me that the time was posting. I clicked continue to the certificate and was permitted access to Second Chance to Live. Strange as this moring is the first time that I have received the certificate not renewed notification. What is up?

  27. There is a great deal of pretty awful administration at WP, as I am dicovering, and nothing seems to get fixed, but an expired certificate isn't worth bothering about . If I avoided sites without certificates I'd never get aything done.

  28. I'd like to report, by the way, that I'm no longer receiving the warning message. I can't say why or whether anyone else is doing so, of course, but I wanted to be forthcoming.

  29. Getting message that 'security for website has expired'.

    What should l do?

    Thanks

  30. I assume you are getting this when logging in at http://wordpress.com/ ? If so, this should be fixed. Sorry for the inconvenience.

Topic Closed

This topic has been closed to new replies.

About this Topic