expired certificate to devprofiler.ontabletop.com ?

[limburger 21709xp 0]

My antivirus software keeps complaining (and blocking) a connection to devprofiler.ontabletop.com due to an expired certificate.

Exact message as reported (BitDefender) :

“firefox.exe attempted to establish a connection relying on an expired certificate to devprofiler.ontabletop.com. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk.”

It only appears to happen on a system where I’m not logged into the website, which may be related.

[sundancer 42985xp 0]

The devprofiler certificate shouldn’t be live anyway if I remember correctly. It’s for testing only and no link should call that URL…

[limburger 21709xp 0]

something somewhere is doing it …

or my AV software is hyper sensitive and trigger happy …

[sundancer 42985xp 0]

No, your AV Software is fine. it’s working like it’s supposed to. Trouble is all the things shown on the page is on link each… and *any* of those could be a devprofiler.ontabletop.com link…. that one needs to be found and purged…

[limburger 21709xp 0]

it probably is related to me not being logged in, because somehow it’s not triggering on my desktop.

My 1337 haxx0r!ng skillz :

< a href=”https://www.beastsofwar.com/forums/topic/expired-certificate-to-devprofiler-ontabletop-com/” title=”expired certificate to devprofiler.ontabletop.com ? – Technical Support” >

oh … wait … that’s my topic 😀

[holly 12044xp 0]

I had this the other day – but only occurring on links to news items in the site. Clearing my browsing history and session data resolved it, but it was an odd looking url to see

[sundancer 42985xp 1]

I think I have found a source of that problem. Seems like something calls for thumbnails via the devprofiler URL. Maybe the load balancer?

[limburger 21709xp 0]

Yup … looks like it as my current view of this topic has links to forum topics that have ‘devprofiler.ontabletop.com’ as their target

< a href=”https://devprofiler.ontabletop.com/forums/topic/kickstarter-ages-of-conflict-pre-launch/” title=”[Kickstarter] Ages of Conflict Pre-Launch – News, Rumours & General Discussion” >

[jamescutts 6925xp 0]

Interesting that your seeing those links as @sundancer points out you shouldnt but it seems to ocasionally be happening, I think i might have seen it once.

devprofiler.ontabletop.com has a invalid certificate though, its using a lets encrypt certificate thats only valid for:

beastsofwar.com
staging.beastsofwar.com
web02.beastsofwar.com
http://www.beastsofwar.com

So regardless of if you should be seeing those links the certificate isnt valid for the dev profiler domain. Shouldnt be hard for the OTT team to issue a lets encrypt certificate or the devprofiler domain and letsencrtpy certificate are free anyway. And that would at least solve part of the problem plus improve security for that domain anyway.

[timchubbKeymaster 3166xp 3]

Should be sorted now, static cache was getting primed from wrong virtual host

[sundancer 42985xp 0]

Noice

[limburger 21709xp 0]

still getting the errors (67 ..getting silly)
did shift-F5

[sundancer 42985xp 0]

Did you log out, closed browser and logged back in?

[limburger 21709xp 0]

the web-equivalent of turning it on and off again … why didn’t I think of that ?

I never log out, unless the system mysteriously decides I need to log in again.
We’ll have to wait and see if things change.

[zorg 18801xp 0]

i’m still getting the error message? guys.

[Author]

Posts