Jump to content

Wherigo Ranger Fox Unsafe site warning


TAAJM

Recommended Posts

I've attempted to navigate to Wherigo kiit to check what's going on, and firefox stops me with this warning message:

"Wherigo.rangerfox.com uses an invalid security certificate.

The certificate is only valid for the following names: *.azurewebsites.net, *.scm.azurewebsites.net, *.azure-mobile.net, *.scm.azure-mobile.net, *.sso.azurewebsites.net Error code: SSL_ERROR_BAD_CERT_DOMAIN"

 

Link to comment

Further experimentation has the main Wherigo foundation page opening fine, but the invalid certificate dialogue box popped up when I attempted to go from there to kit.

 

I've done a little research and it seems like this is a common problem : security  certificate /site name mismatcht has happened plenty of times over several  years for many websites ! I was reassured by this, and that the 'azurewebsites' is not malicious, so made firefox give  Wherigo kit an exception so I could open it. The site is fine as far  as I can see, the builder works, no problem authorising it with Groundspeak api .

 

Mind you,  I'm not an expert, so exercise caution until someone who actually understands what they are doing comes along. !

 

Link to comment

Please use kit.wherigofoundation.com.

 

The long version:

I put out an update today that uses the new geocaching API, which requires SSL.  For the past four years, I've been moving away from hosting at Wherigo.rangerfox.com.  I didn't think people were still using the old URL, so I didn't want to pay an extra $70/year for the SSL certificate.

 

Tell you what: I'll go ahead and pay for the certificate, then later do something to redirect from Wherigo.rangerfox.com to kit.wherigofoundation.com so I don't have to keep paying for that additional certificate year after year.  (Running Kit and the WF site come to around $1,600/year.)

Link to comment

And a little time later, I have a certificate for Wherigo.rangerfox.com.  Hooray.

 

 

While I was waiting for the deployment, I got bored and wrote the steps:

- Create the certificate request

- Add to Kit's key vault

- Get an email sent to verify I own the site, upload a certain file to rangerfox.com

- - - Oh, I need to remove the SSL stuff first so the validation will work

- Import the private certificate to Kit

- Bind the certificate to Wherigo.rangerfox.com

- Laugh that I can use the geocaching API to accomplish a redirection to kit.wherigofoundation.com

- Update Kit so it redirects when someone uses Wherigo.rangerfox.com.  Later, I'll disassociate Wherigo.rangerfox.com with the Kit site and host an HTML page there to do the redirect so I don't have to keep paying for an SSL certificate.

Link to comment

I could probably reduce the costs some if I got the least powerful server and database plan they had. But you figure five sites each with hosting, database, blob storage, and certificates (production and staging for Kit and the WF sites, plus the Kit v2 site I need to complete), plus domain names will run me on average about $130/month. I have a few other inactive demo sites, like a proof of concept for a viewer for watching people play cartridges in real time. And I’m still a little hesitant on receiving donations.

 

Anyway, I was looking through all this code I wrote six to ten years ago and I can see I’ve definitely improved since then. That’s good. 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...