Hello
Following user-initiated reports, we’ve discovered a mis-configuration in our SelfSigned Certificates tool that allowed for insecure certificates to be generated. At this time, we recommend that users stop using the tool, and request a free GoGetSSL certificate until the issue is resolved. Please see the frequently asked questions below, and reply if you have any additional questions or concerns.
Is my site security at risk?
Probably not. Since SelfSigned certificates are not trusted by browsers, and are generally used to secure the connection between TinkerHost and Cloudflare, your users won’t see the certificate directly when accessing your site normally. On free hosting, SSL certificates exist primarily to protect your users, and your own credentials when login into platforms like Wordpress. However, modern browsers and Cloudflare have security measures in place to prevent you from connecting if an insecure certificate is found on TinkerHost.
Is my users data secure?
If you utilize CloudFlare (And “Full” or above SSL mode), or your users use a modern updated browser, their browser or CloudFlare will block the connection to the server, and an error message will be shown. Sensitive information (Like passwords) won’t be shared over the insecure connection. Users will not have the ability to bypass this error page.
What error messages could I see?
If connecting directly, Chrome and Chromium-based browsers will return a message similar to “SSL_PROTOCOL_ERROR”. If your use CloudFlare to protect your site, a 525 error will be returned.
How can I resolve this?
Pick one of the methods below:
Temporarily set your CloudFlare SSL mode to “Flexible”. Note that while this will encrypt information between your users and Cloudflare, information from Cloudflare to TinkerHost is not encrypted. While a solution, this is not recommended.
Install a GoGetSSL certificate on your site via the SSL installer (We recommend using the “AutoSSL” checkbox when creating the certificate). After the certificate is installed, set your Cloudflare SSL mode to “Full (Strict)”. This will encrypt all communication on the route from your users to the TinkerHost network. This is the recommended solution.
-
We’ll post updates here as they become available. While an ETA is not currently known, we are doing are best to ensure this is fixed as quickly as possible.
We apologize for any inconvenience caused.