Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Yet another Virmach story: expired certificate!
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Yet another Virmach story: expired certificate!

Just wanted to check my virmach account, but was greeted with "Warning: Potential Security Risk Ahead" message. Guess what? The certificate for virmach.com expired on 11/20/2022...

I can accept they use letsencrypt's cert (though it is not so common for commercial entities), but how could they not notice it expired? AFAIK, you get a few emails from Let's in advance, warning you about your cert running out. Moreover, if you set up all properly, you do not have to take care about it, as auto-renewing Let's cert is pretty reliable...

Comments

  • Virmach things.

    Thanked by 3JasonM Kebab equalz
  • JasonMJasonM Member
    edited November 2022

    I will not be surprised at all if their domain expires! :#

    Thanked by 1TODO
  • Nice move virmach

  • you have been VirmACHEd but they paid $200!

  • LOL. I went to billing.virmach.com which is what I regularly used. It has a valid cert from Sectigo RSA Domain Validation Secure Server CA . The funny part is that it is a wildcard cert and should work for the entire domain if configured.

    I let my virmach go back to the source. It had been moved to Tokyo. didnt even want to try to resell it. He may miss the revenue but prolly not much profit.

    Thanked by 1yoursunny
  • yep, they use it for solusvm.virmach.com too, so it works. But for some reason they decided to use different cert for main web-page...

  • a blog collecting all these virmach stories would be awesome

    Thanked by 1TODO
  • @Jarry said:
    yep, they use it for solusvm.virmach.com too, so it works. But for some reason they decided to use different cert for main web-page...

    oh yes. the main page was redone lately. It confused me cause it was developed live and for awhile had a lot of nonsensical stuff on it . probably didnt setup the cron for letsencrypt

  • OP has been clasically virmached. Being virmached is the same as buying services which will involucrate. It is not the shame, it is just people of certain taste who use virmach and love to get mached with *** in their face and are happy :D

  • WebProjectWebProject Host Rep, Veteran
    edited November 2022

    Open a support ticket and pay for it so they be able to assist you with their issue as it’s normal with them!

    Haha, new way to run the business, users will monitor the services and provider just skim the charges for issues - “premium support” as customers need their data or service.

  • Need moar work orders.

  • emgemg Veteran
    edited November 2022

    @jperkins said:
    LOL. I went to billing.virmach.com which is what I regularly used. It has a valid cert from Sectigo RSA Domain Validation Secure Server CA . The funny part is that it is a wildcard cert and should work for the entire domain if configured.

    I let my virmach go back to the source. It had been moved to Tokyo. didnt even want to try to resell it. He may miss the revenue but prolly not much profit.

    I just went to the main virmach.com page, and the main webpage is covered by a Sectigo wildcard certificate (*.virmach.com). As of this writing, it was newly issued about 14 hours ago. It expires on 1 December 2023.

  • yoursunnyyoursunny Member, IPv6 Advocate

    @zed said:
    a blog collecting all these virmach stories would be awesome

    VirmAche.com is available.

    @cybertech said:
    you have been VirmACHEd but they paid $200!

  • jbilohjbiloh Administrator, Veteran

    @virmach continues to hide.

  • @jbiloh said:
    @virmach continues to hide.

    He's not hiding, he's just left LET. He's available on other platforms.

    Thanked by 2ralf DanSummer
  • @jbiloh said:
    @virmach continues to hide.

    Did you try to contact him on LES? I guess not. I suspected from your very first post on the old VirMach thread you had a plan in mind.

  • add_iTadd_iT Member
    edited November 2022

    Sure he is hiding

    Because he is not mentally strong provider here

    He offering deal here on first place and then left

    He has no guts to face his unsatisfied customer

    Because on the other side he has many worshipper that ready to back up him all time

  • emgemg Veteran

    @jbiloh said:
    @virmach continues to hide.

    @DanSummer said:
    Did you try to contact him on LES? I guess not. I suspected from your very first post on the old VirMach thread you had a plan in mind.

    If @jbiloh has an account on LES, he is not likely to make it obvious.

  • @add_iT said:
    Sure he is hiding

    Because he is not mentally strong provider here

    He offering deal here on first place and then left

    He has no guts to face his unsatisfied customer

    Because on the other side he has many worshipper that ready to back up him all time

    He's busy attempting to fix things, on the other forum that's understood, here it's definitely not. It's completely understandable why he doesn't frequent here anymore.

    @add_iT said:
    Because he is not mentally strong provider here

    This kind of stuff is the reason

  • @Jarry said:
    Just wanted to check my virmach account, but was greeted with "Warning: Potential Security Risk Ahead" message. Guess what? The certificate for virmach.com expired on 11/20/2022...

    I can accept they use letsencrypt's cert (though it is not so common for commercial entities), but how could they not notice it expired? AFAIK, you get a few emails from Let's in advance, warning you about your cert running out. Moreover, if you set up all properly, you do not have to take care about it, as auto-renewing Let's cert is pretty reliable...

    The common problem is that the certificate is renewed successfully, but the webserver is forgotten to be restarted to use the new cert. That's been the case on 2/2 times I've reported it to different websites over the years.

Sign In or Register to comment.