Jump to content

Kametsu is now SSL-ready!


Nekone

Recommended Posts

I am pleased to report that after a bit of teeth-gnashing and countless head-desking, Kametsu is now fully SSL-enabled!

 

We also want to let you know that, at times, your browser might say 'partially encrypted' or 'some parts insecure' or something similar. You will probably notice this occurring most often in these scenarios:

  • A topic that contains posts that have external images
  • A topic that contains posts made by a user that has an avatar linked externally
  • A topic that contains posts made by a user that has an image in their signature that is linked externally
  • User profile pages that avatars and/or images in signatures are linked externally

These scenarios only apply to EXISTING topics and avatars/signature images - that is, they existed BEFORE we turned SSL on. NEW topics created from this point forward are NOT affected by this as any externally linked images are forced to HTTPS transparently.

 

All members: If you wish to assist us in eliminating at least some of these areas, you can do so by refreshing your avatar URL and/or any embedded images in your signature. You do NOT need to prefix https:// to these things. Just re-set the same URL you have had before and save it - our system should automatically enforce HTTPS for it in the future. You need only do this for embedded images in your signatures in most cases. If you externally linked your avatar image, you'll need to do that for it as well.

 

If you notice any other site-breaking issues, please post in this topic so we can take a look. Thanks!

  • Like 15
Link to comment
Share on other sites

1 minute ago, JohnFlower said:

It's sloooooow.

 

Perfectly fine on my end as well as Koby's. Now I will say that initially, SSL session caching settings weren't properly configured, and that likely was significantly impacting the performance of the SSL module in a negative way. I've since tweaked those settings and restarted the webserver. However, there's nothing else I can do about that if it's still slow for you, and you will just have to bear with it, sorry.

Link to comment
Share on other sites

2 hours ago, Cryptic said:

The reply box wouldn't fully open for me at first, but it seems that was just a one time thing. I went and tested elsewhere and it worked fine, was probably just lag.

 

Yes both myself and Koby ran into this as well. There seems to be some occasional lag in spots, and I may have to tweak the web server software a bit more later on. I may actually implement the HTTP/2 module at some point, which should assist with that problem - it's generally a faster protocol than the standard HTTP/1.1 especially over SSL-secured connections. But that'll be for another maintenance time in the future.

 

(BTW: Fun read on what I'm talking about in regards to HTTP/2: https://en.wikipedia.org/wiki/HTTP/2)

Link to comment
Share on other sites

Just now, Cesario said:

Ah, this explains the 504 errors i was getting. 

I was using an old bookmark for kametsu which https didn't like. 

GG, got a bit scared when i couldn't login, thought the site was RIP

Strange. Any non-https link should redirect you to the https version.

 

Could you by chance share the exact link in a code box? It's the button that looks like <> on the top bar of the editor (in between the quote and spoiler buttons).

Link to comment
Share on other sites

Looks like redirection is working now but for the past few days i was being rejected, looks like my old bookmark was pointing to the index.php landing page

 

https://forums.kametsu.com/index.php

Secure connection failed

We're sorry. Your request for /index.php could not be completed.
This is probably because the site you were connecting to supports SSL but your browser and/or OS does not support the Server Name Indication extension to TLS (likely because it's too old), and thus you were dropped here instead. The only fix for this is to upgrade/change your browser and/or upgrade your OS - especially if you're using older Windows versions like Windows XP (if you are...why are you still using that, exactly...?).

Until then your connection will not function to the site you intended.

Did the whole cache clear / private browser dealy'o and but it was happening at home, phone on 3G and work network but i found going in through the kametsu.com link got me back in.

 

Link to comment
Share on other sites

8 minutes ago, Cesario said:

Looks like redirection is working now but for the past few days i was being rejected, looks like my old bookmark was pointing to the index.php landing page

 


https://forums.kametsu.com/index.php

Secure connection failed

We're sorry. Your request for /index.php could not be completed.
This is probably because the site you were connecting to supports SSL but your browser and/or OS does not support the Server Name Indication extension to TLS (likely because it's too old), and thus you were dropped here instead. The only fix for this is to upgrade/change your browser and/or upgrade your OS - especially if you're using older Windows versions like Windows XP (if you are...why are you still using that, exactly...?).

Until then your connection will not function to the site you intended.

Did the whole cache clear / private browser dealy'o and but it was happening at home, phone on 3G and work network but i found going in through the kametsu.com link got me back in.

 

Ah, the old forums.kametsu.com sub-domain. Well that would be it then, because it was never configured for SSL. I had forgotten about that redirect cause it happened like 3 years ago.

Kind of surprised to hear anyone would have still been using it after all this time...

Link to comment
Share on other sites

10 hours ago, Koby said:

Ah, the old forums.kametsu.com sub-domain. Well that would be it then, because it was never configured for SSL. I had forgotten about that redirect cause it happened like 3 years ago.

Kind of surprised to hear anyone would have still been using it after all this time...

I ran into the same issue. took me a little bit to find my way around it.

Link to comment
Share on other sites

On 4/26/2017 at 1:11 AM, Freakindeed said:

I got a certification error when using Palemoon, it was necessary to approve that  to access Kametsu.

 

The certificate we use is issued by a trusted authority in all the major browsers. This should not be an issue unless you were using a browser that has not been updated to reflect current trusted Certificate Authorities. It also should not occur if you access the forums using https://kametsu.com - or www.* should also work. But any other domain will not.

 

20 hours ago, ZeroPenguins said:

If you're using the rewrite engine, it's actually not that perfect, can break certain links or interactive media (think javascript) when it comes to images/videos links.

 

But thanks for doing the SSL/TLS, about time I say!

 

For the time being we use the rewrite engine to do our redirects. The hope is to bring all of the *.kametsu.com domains under SSL eventually (including the XDCC parser site). At that point I can probably change the redirect method to be more accurate.

  • Like 1
Link to comment
Share on other sites

  • Nekone locked this topic
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...
Please Sign In or Sign Up