Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Critical: bad ssl cert on https://resellers.cryptostorm.org

This subforum is both a place to find & discuss independent cryptostorm token resellers, as well as to discuss cryptocoin related topics such as buying bitcoins, altcoins such as darkcoins and dogecoins, "tumbling" coins, theoretical/mathematical topics, etc.

Topic Author
gongobaz
Posts: 2
Joined: Wed May 18, 2016 3:51 pm

Critical: bad ssl cert on https://resellers.cryptostorm.org

Postby gongobaz » Wed May 18, 2016 5:28 pm

I just wanted to check what you are writing on https://resellers.cryptostorm.org - and what I see is a bad ssl cert warning. The same is true for https://bootstrap.cryptostorm.org

This is not acceptable regarding the service you are offering. If I personally would consider to offer reselling your services then it would be of extraordinary importance that such fails will never happen.

Another problem with the cert is that it is a COMODO cert from 2014 - I do not know one single person in the crypto community who would still trust COMODO, they have been hacked multiple times and certificates issued by this company are absolutely not trustable. It is a warning signal of utter incompetence. It would be much better if you offered letsencrypt certs.

These are two very heavy points and I wonder how "crypto and security experts" can commit such incredible errors on their public website, as both are a fatal demonstration of incompetence. Of course your plus is that users are even more incompetent and trust cool hacker-style site designs more than ssl certs.

Please get valid certs for that subdomains, not joke certs by comodo, and also setup any kind of cert monitoring - it is obvious that you are not monitoring your ssl certs for these kind of errors, otherwise this could not happen. Also this creates some room for questions about your setup: if you are not monitoring for ssl cert errors on your website, what else are you not monitoring...

However, this must be resolved asap, please do it, thanks. Also it is kind of irritating that one random person coming to your website finds that problem after two minutes of surfing around. If you need more security competent people to help you, as you are clearly demonstrating, please publish job offers.

However, it is also an interesting case to see how you handle this and if you are standing behind your words and are really embracing outside critique.

Thanks and please fix it quick,
Random Visitor

Return to “independent cryptostorm token resellers, & tokens 101”

Who is online

Users browsing this forum: No registered users and 3 guests

Login