G oog le BadWeB | Login/out | Topics | Search | Custodians | Register | Edit Profile Ads by Motorcycle.comMotorcycle InsuranceMotorcycle PartsMotorcycle Helmets Motorcycle Tires Buell Motorcycles

Author Message   Rotchcrocket51 Posted on Tuesday, March 04, 2008 - 11:16 am:        When I tried to log in the Buell Owner's portion of the Buell website, I received this message........... " There is a problem with this website's security certificate. The security certificate presented by this website was issued for a different website's address. Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server. We recommend that you close this webpage and do not continue to this website. Click here to close this webpage. Continue to this website (not recommended). More information If you arrived at this page by clicking a link, check the website address in the address bar to be sure that it is the address you were expecting. When going to a website with an address such as https://example.com, try adding the 'www' to the address, https://www.example.com. If you choose to ignore this error and continue, do not enter private information into the website. For more information, see "Certificate Errors" in Internet Explorer Help." Has anyone else received a message like this? It doesn't seem like an issue of the security settings on my computer.   Glitch Posted on Tuesday, March 04, 2008 - 11:37 am:        Your browser settings probably doesn't like the fact that the Buell website redirects you to the H-D website.   Reepicheep Posted on Tuesday, March 04, 2008 - 03:30 pm:        Somebody just got a HTTPS certificate signed for a particular domain, but then exposed that server on another domain. Domain names are like street addresses, they are just a useful (but arbitrary) way to describe how to get to a real thing. If they did it with a redirect, it should be fine, its a "build once and host at one IP address but expose with different domains" problem more then likely. Its a warning, because that is *exactly* what you would see if somebody managed to hijack the sites DNS address (social engineer the DNS registrar or a disgruntled employee) and set up a fake site that looks like the real site. The only warning you would have is that somebody "stealing the address" would not have the private keys necessary to satisfy the signed SSL certificate. Your browser is just telling you this, that it can't authoritatively verify the site you are visiting is who it claims to be. 999 out of 1000 times its just a screwup on the hosting providers side. But I wouldn't type in any credit card numbers until they straighten it out.

Add Your Message Here Post: -Color- Black Red Green Blue Yellow Purple Orange Cyan Gray White -Font- Arial Courier Symbol Times Verdana -Size- Smallest (-2) Small (-1) Normal Large (+1) Largest (+2) Username: Posting Information: This is a private posting area. Only registered users and custodians may post messages here. Password: Options: Post as "Anonymous" (Valid reason required. Abusers will be exposed. If unsure, ask.) Enable HTML code in message Automatically activate URLs in message Action: