I was going through all my online accounts and moving all the unimportant accounts with passwords I know off the top of my head to using randomly generated passwords managed by a password manager. While doing that, I found out that my password manager doesn't work nice with this site because the connection to this site is acknowledged as unsecure by both Firefox and Chrome. I figured that nobody had bothered to migrate this site to HTTPS, but apparently this site does indeed have a valid (and recently renewed) SSL certificate. I don't necessarily know what that is for sure but https://www.ssllabs.com/ssltest/analyze.html?d=onemoreinthetolly.com suggests that it might be because this site doesn't have a DNS CAA record set up. I don't really know anything about how this site is hosted (other than the fact that cPanel is apparently the issuing certificate authority), but this is the first google suggestion I found for "cpanel caa": https://wphosting.com.au/support-article/how-to-create-a-caa-record-within-cpanel. shrug I hope that helps.

TLDR: HTTPS no workie.

The CAA record is queried by the CA before the certificate is issued. It's mandatory for the CA to query for the CAA record, but not for the CAA record to exist in the first place. The fact that a valid certificate has been issued, would indicate that this isn't the problem. TLS appears to be configured and working fine. The site requires a number of resources and specifies those resources using the http scheme, fixing this should be a case of updating a few urls.

Write a Reply...