• ⚠️ Possible issue on January 1
    The current SSL certificate expires on January 1, 2026. It should auto-renew automatically.
    If the site shows as “Not Secure” after that day, you can temporarily bypass the warning by searching Google for:
    “how to ignore expired certificate Safari or your browser.”

    For more information and detailed browser-specific workarounds, click here . This thread will be kept updated.

January 1, 2026 Certificate Warning

Sweeney

Sweeney

Administrator
Just a quick heads-up so nobody panics on New Year’s Day


Our current SSL certificate expires on January 1, 2026.It is set to auto-renew automatically a few hours before expiry, so in almost all cases nothing will change and the site will stay green/secure as usual. However, it was set to renew before and didn't. your browser will temporarily show a “Not Secure” or “Connection not private” warning. The summaries below are generated by AI, so I can't speak to validity...but you should be able to 'skip' the security check on the certificate by following steps below. Or, just googling how to bypass expired certificates on your browser. The data will still be encrypted, just the authenticity of the site is not 100% guaranteed as it is today. Very low risk in this case.

If that happens, here are the exact one-click (or two-click) ways to proceed safely for the most common browsers you use on our forum:


Brave (and all Chromium-based browsers: Chrome, new Edge, Opera, Vivaldi, etc.)
  1. When you see the warning page, click “Advanced” (bottom left)
  2. Click “Proceed to [your-domain] (unsafe)”→ You’re in. Brave will remember the exception until the proper certificate is back.

Microsoft Edge (current Chromium version)Same as Brave/Chrome – click “Advanced” → “Continue to [site] (unsafe)”.

Safari (macOS & iOS)
  1. On the warning page click “Show Details” or “Visit this website”
  2. Click the blue “visit this website” link
  3. If asked, confirm “Visit Website”→ Safari will remember the exception for this site.

Once the certificate renews properly, this workaround will not be required. And be assured, the powers that be are aware of this and lookign into it.

We’ll be monitoring the renewal closely, but now you also have the exact steps in case you need to jump in on January 1st.

Thank you for your understanding, and Happy (almost) New Year!
 
dustinp said:
Do you think Firefox will have any problems?
Click to expand...

They all will --- the certificates are used to ensure the website you are talking to is who it claims to be. There are several ways a hacker could put a man in the middle --- between you, and the company you are doing business with -- and 'scrape' your credit card information. There are techniques were a bad guy could put a computer between yours and where you want to view and intercept the messages. Certificates encrypt that data...but they also make sure that your browser is talking to who it really is ... think of it as checking an IT before you accept a check from some one.

With a 'man in the middle' attack - if you point your browser at 'google.com' you can be sure that 'google' is the only one who cna see the data...unlses you get this error then someting is wrong, possibly an 'attack' ---

When your web browser (or phone/app) connects to a secure website (like your bank or Gmail) using HTTPS, it doesn’t just blindly trust the website’s certificate. It runs a bunch of quick checks to make sure the certificate is real and trustworthy.


Here’s a simple, non-technical summary of the main checks TLS does:

  1. Is it the right website? (Common Name / Domain Name check)The certificate says “I belong to www.google.com”. The browser checks: “Are we actually visiting www.google.com?” If someone tries to use Google’s certificate on evil-site.com, it fails.
  2. Has it expired? (Validity dates)Every certificate has a “Not valid before” and “Not valid after” date.If today is December 6, 2025 and the certificate expired on December 1, 2025 → rejected.If the certificate says it only becomes valid next year → also rejected.
  3. Was it issued by someone we trust? (Trust chain / CA check)Certificates are digitally signed by Certificate Authorities (CAs) that your computer/phone already trusts (like DigiCert, Let’s Encrypt, Google Trust Services, etc.).The browser checks the signature all the way up the chain to a trusted “root” CA that is built into your device. If it doesn’t reach a trusted root → rejected.
  4. Has this certificate been revoked? (Revocation check)If a certificate was stolen or compromised, the issuer can put it on a blacklist (called CRL or OCSP).The browser usually checks online (OCSP) or looks at a pre-downloaded list to see if the certificate has been revoked → if yes, rejected.
  5. Does the certificate look tampered with? (Signature check)The browser verifies the cryptographic signatures on the certificate. If even one bit was changed, the signature won’t match → rejected.
  6. Is it being used for the right purpose? (Key usage / Extended Key Usage)Some certificates are only allowed to be used for websites, others only for email, etc. The browser checks it’s allowed for web server use.
  7. Is the name matching done correctly? (SAN – Subject Alternative Name)Modern certificates list all allowed domain names in a field called SAN. The browser checks the exact domain (and sometimes wildcard *.google.com) you’re visiting is in that list.

If every single one of these checks passes → you get the green padlock and a secure connection.If even one fails → your browser shows a big scary warning (“Connection is not secure”, “NET::ERR_CERT_DATE_INVALID”, etc.).

So, if godaddy doesn't renew, the 'validity date' will be expired and every browser will be unhappy. In most cases, you can say "go anyway..." but more and more, the browsers are making that harder to do. Which is probably smart. To make matters worse, the certifciates used to expire with long intervals. But now, its 90 days. Soon it will be 30 days. Its the price of security. Its all automated....but still something goes wrong and it can cascade into a big problem.
 
You must log in or register to reply here.
Back
Top