It seems the Web browser detects an issue with the certificate of the https://forums.puri.sm/ website, indicated by white exclamation mark on orange background on the lock symbol before the URL.
Also, uploading a screenshot of the URL bar including the lock symbol indicating the issue fails with the message “Sorry, the file you are trying to upload is not authorized (authorized extensions: jpg, jpeg, png, gif, webp).” even though the screenshot is a png file and I also tried with a jpg.
It seems the certificate expired on March 19, 2021.
While the “Web” browser indicates an issue with the connection, I can’t easily find out why. I think this is a UI issue of the “Web” browser.
I see a certificate that expires on September 15, 2021.
That is the expiration date of the root certificate (DST Root CA X3) and R3, but the certificate for forums.puri.sm derived from them already expired.
How do you see the information about certificates for the Web browser?
I don’t. At leas not in “Web” here on my L14.
On a Mac using Brave shows the X3 certificate mentioned above, but on the same Mac using Firefox I get seerved a different certificate based on X1 that is renewed. I have not seen anything like this. I mean that a website serves different certificates for different browsers.
If you know how I can inspect the certificate served to the “Web” browser, I am all ears.
@fee, not sure what’s happening here, maybe the system clock is out of sync or maybe purism uses a CDN so you’re getting an old/bad cache. Mine also shows good until 14 September from Firefox/Chromium for me today.
Sadly it takes a lot of clicks to view the full details of a certificate, but here’s a quick duckduckgo result:
Good also using openssl s_client -connect forums.puri.sm:443
They are using Let’s encrypt and they also don’t look to be on any CDN the forums.puri.sm reverse IP lookup does not hint a CDN.
My guess would be a bad date/time on your Laptop, also seeing that the cert got issued on Jun 16 ( Not new ).
Not for me.
Firefox gives certificate chain (Validity Not After):
forums.puri.sm)I would verify the IP address that you see for forums.puri.sm (138.201.228.33 for me). In Germany according to my browser.
Possibly this is a “new user” restriction - with a poor error message. ???
I think it can be explained by different browsers using different preinstalled root certificates. There may be a certificate chain that is OK for browser A but not for browser B, if it depends on a root certificate that is included in the list of trusted certificates for browser A but not for browser B.
Unfortunately (according to https://help.gnome.org/users/epiphany/stable/cert.html.en) “Web does not have built-in support for certificate management at this time.” However that page does suggest a command to add a new certificate that you want to trust. (Maybe you can get it to behave in the same way as another browser by using such a command to tell Web to trust the same root certificate that the other browser is using.)
Some more information: When I use an Inkognito Window in “Web” the same browser did get served a new and valid certificate.
Update: today everything works and now “Web” lets me inspect the certificate. There is a new “View Certificate” button in the drop-down after clicking on the lock symbol in the URL bar.
And update again: After a restart. Back to the old certificate with the normal tab and the “View certificate” button is missing again. It seems this is only on display if the certificate is valid, but not when there is a problem with the certificate. I do wonder what the rationale behind this UI decision was.