SSL!

By | November 20, 2016

I’ve got some exciting-ish news. As of this week, all of HazteK Software’s websites are available via HTTPS. That means traffic between my server and your computer is encrypted from end-to-end. It was about time we caught up with the rest of the internet, and thanks to both StartSSL and the Let’s Encrypt project, we have SSL enabled for free! HazteK Software has always been a hobby, and not something that makes me money, so costing $0 was the biggest need for the certificates.

While the main site is encrypted, this is mostly beneficial for our online tools, TrueIP and StorURL. You no longer need to worry about your user accounts being compromised because your credentials are transmitted over plain text.

Update: If you are seeing a SEC_ERROR_OCSP_BAD_SIGNATURE error message in Firefox when trying to use any of the HazteK Software sites, there are a few options.

  1. Easy: Use a different browser, like Chrome, Opera or Internet Explorer. I haven’t run into an issue with any of these options, only Firefox.
  2. Advanced: Open your about:config settings and set both security.ssl.enable_ocsp_must_staple and security.ssl.enable_ocsp_stapling to false. From what I understand, this does not really impact security, but Firefox is programmed wrong and instead of failing open when it is unable to contact the OCSP server, it is failing closed and not allowing any traffic to the site.
  3. Use HTTP and forego SSL. All of our sites still listen on standard HTTP ports as well. This is not recommended for services like TrueIP and StorURL, but the option is there if you feel safe doing so.
  4. Donate! Any money donated to me for the site will allow me to buy certificates from a provider instead of relying on free services like StartSSL, which seems to be the issue at the moment.

Leave a Reply

Your email address will not be published. Required fields are marked *