Jump to content

Canalworld "connection not secure" in Firefox


Featured Posts

When I log onto Canalworld in Firefox, I get a little "i" symbol in the menu bar instead of the little green padlock, and when I click on it, I get a warning that the "connection is not secure" I also seem to get the same warning on every other website except Google, Yahoo, and the Mozilla site. This has only happened recently, I have consulted the Firefox help pages. but they might just as well be written in some unknown foreign language for all the use they are.

 

Has anyone else had the same issue, and if so, have they managed to resolve it? If this is just Mozilla engaging in agressive marketting, I can live with it, but I am a bit concerned that something may have invaded my computer.

 

By the way I am still using the ancient Windows XP version, which i know is not supported by some more up to date programmes, I also use Avast (free version) but have recently removed a McAfee programe which ws downloaded by an Adobe update without my consent, and was slowing everything up.

Edited by David Schweizer
Link to comment
Share on other sites

It's telling you that your connection is not secure. The green padlock means that your connection is via https instead of the less secure http protocol. not a worry for browsing but very important if shopping or banking as other people could steal your details.

Link to comment
Share on other sites

Support for SHA1 certificates has been stopped by all major browsers and they are now displaying various messages depending on the browser relating to the site not being safe. The certificate will need to be renewed at some point with a more secure SHA2 certificate.

Link to comment
Share on other sites

Support for SHA1 certificates has been stopped by all major browsers and they are now displaying various messages depending on the browser relating to the site not being safe. The certificate will need to be renewed at some point with a more secure SHA2 certificate.

 

Thanks for the advice, but I have no idea what that means, could you please explain, and how do I get an SHA2 certificate

It's telling you that your connection is not secure. The green padlock means that your connection is via https instead of the less secure http protocol. not a worry for browsing but very important if shopping or banking as other people could steal your details.

 

I had assumed that, but did not know what was not secure, your advice about sites which have bank details is helpful. I have checked on my PayPal site, and that has a green padlock and says the "connection is secure"

Link to comment
Share on other sites

In other words, it's a canalworld.net issue, not an issue with your PC or browser.

 

Maybe, along with numerous other sites including big players like eBay, John Lewis, Tesco, etc. Interestingly Sainsburys is secure with a green padlock.

Link to comment
Share on other sites

The certificate is on the web site not on the local computer, the website owner is responsible for updating the sites certificate. I'm not 100% on what certificates are installed on canal world as I'm on a tablet and it is a bit more difficult to check but it looks like it doesn't have the site name registered correctly. Certainly looks to me like something Daniel or the technical support need to look at.

Link to comment
Share on other sites

 

Maybe, along with numerous other sites including big players like eBay, John Lewis, Tesco, etc. Interestingly Sainsburys is secure with a green padlock.

 

Correct - it's the sites you visit which determine the protocol and the certificates, not you. The sites with the padlock use a secure protocol (https) and the correct certificates.

Link to comment
Share on other sites

Thanks for all the advice, I can rest more happily now, I did try several sites where I make direct payments, and was concerned that not all of them had the green padlock. However, I have now discovered ( or should I say my wife has) that if you log in to pay, the green padlock apears, so panic over.

Edited by David Schweizer
Link to comment
Share on other sites

 

Canalworld uses http conection, not https. It doesn't have a certificate and never has done..

 

A someone who has only been a member for a few weeks, how do you know so much about the site?

 

or are you a sock-puppet1.jpg ?

Edited by David Schweizer
Link to comment
Share on other sites

I wasn't sure if the logon page was wrapped in an HTTPS connection as that is something I have been looking at doing for one of my sites where there is an option to login. It might be that David"s version of Firefox is warning that the user credentials are being entered on a non HTTPS page then as this is a new feature being introduced to Firefox.

Link to comment
Share on other sites

I read in a tech journal a couple of days ago that firefox was going to start flagging any website that asked for login details and didn't use a https connection as potentially dangerous, what is being seen may just be the precursor to that

Link to comment
Share on other sites

Really? A lot of websites' login pages are http and don't go to https until AFTER you have logged in. Try eBay.com and eBay.co.uk for example!

To prevent the username and password being sent in clear text they should be sent over an HTTPS page. The login form can use a secure connection and then once logged in continue with everything being presented via HTTPS.
Link to comment
Share on other sites

Really? A lot of websites' login pages are http and don't go to https until AFTER you have logged in. Try eBay.com and eBay.co.uk for example!

 

If you are not logged in and go to https://ebay.comit redirects you to http://ebay.com

you will usually find that the target of the login is https

Link to comment
Share on other sites

We will likely use https at some point in the near future though it's not a major concern as we don't process payment transactions. It is however something that I have thought about especially given recent browser changes.

 

As for using XP though - this is probably more of a concern as it's no longer patched/maintained by Microsoft and hasn't been for quite some time. While it was (arguably) a great OS in its day, it has long surpassed its use by date. It is now 16 years old.

Link to comment
Share on other sites

By the way I am still using the ancient Windows XP version, which i know is not supported by some more up to date programmes,

 

As has just been said, you should be far more concerned by this, than the connection you are getting in Firefox when accessing CWDF.

 

I run some fairly old software, but shudder to think just how many security loopholes must exist in XP, that will have had no fixes to them since Microsoft de-supported it.

 

Even assuming it is fully updated to Service Pack 3. It seems mainstream support of it ended nearly 8 yeras ago, and even "extended" support 3 years ago.

 

I wouldn't want to still be using an XP based computer to do financial business.

Link to comment
Share on other sites

The major problem with non-secure connection is that criminals (if they can be bothered) can intercept the web pages of CWF you are reading and read them too. They can even read the stuff you post too, heaven forbid!


Let's get this site secure IMMEIDATELY!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.