Invalid certificate name

LadyRaee

CHEERFULLY SUICIDAL
Sep 1, 2012
197
216
I've been getting this notice every time I visit the site for last 2 months or so, could site staff please finally address the issue?

avpui_2017-11-10_17-26-26.png
 

Idolon

they/them
aa
Feb 7, 2008
2,105
6,106
This is the first we've heard of the issue. Could you provide more information on what it is? What application is giving you this notice? What do the Details and View Certificate options show?
 

Da Spud Lord

Occasionally I make maps
aa
Mar 23, 2017
1,339
994

Idolon

they/them
aa
Feb 7, 2008
2,105
6,106
Looks like Kaspersky just doesn't like the certificate, considering that when this started for you (2 months ago) lines up approximately with when the certificate was issued (Sept 6th, 2017).

Do you log in every time you visit the site? I suspect the error may have to do with ads, but I don't really know for sure. Some cursory Googling of the issue seems to show that the error is either Kaspersky's fault (people get this error on sites like Google and Facebook) or the fault of external services.

@drp may also have some insight.
 

Geit

💜 I probably broke it 💜
aa
May 28, 2009
598
1,161
Looks like https://forums.tf2maps.net/ is misconfigured and is presenting the wrong certificate - I'd reccomend just removing it from your bookmarks and readding it as tf2maps.net, which has the correct cert CN.

Overall tf2maps gets an A on it's SSL implementation: https://www.ssllabs.com/ssltest/analyze.html?d=tf2maps.net so you don't need to worry about your security too much so long as you can see the green padlock. I'd advise against clicking through any security warnings your browser or A/V shows you and raise a member of staff on discord/steam for confirmation first at the very least.
 
M

My bad

Went to forums.tf2maps.net, Firefox gave me this: SSL_ERROR_BAD_CERT_DOMAIN
This error is telling you that the identification sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers, the recipient may not be who you think it is.

A common situation is when the certificate is actually for a different part of the same site. For example, you may have visited https://example.com, but the certificate is for https://www.example.com. In this case, if you access https://www.example.com directly, you should not receive the warning.

In this case, the certificate is only for the feedback sites:
feedback.tf2maps.net, www.feedback.tf2maps.net