September/October 2018 issue of acmqueue The September/October issue of acmqueue is out now

Subscribers and ACM Professional members login here

Web Security

  Download PDF version of this article PDF

Error 526 Ray ID: 47c003b239320ec7 • 2018-11-19 04:43:11 UTC

Invalid SSL certificate








What happened?

The origin web server does not have a valid SSL certificate.

What can I do?

If you're a visitor of this website:

Please try again in a few minutes.

If you're the owner of this website:

The SSL certificate presented by the server did not pass validation. This could indicate an expired SSL certificate or a certificate that does not include the requested domain name. Please contact your hosting provider to ensure that an up-to-date and valid SSL certificate issued by a Certificate Authority is configured for this domain name on the origin server. Additional troubleshooting information here.


Originally published in Queue vol. 10, no. 11
see this item in the ACM Digital Library



Paul Vixie - Go Static or Go Home
In the end, dynamic systems are simply less secure.

Axel Arnbak, Hadi Asghari, Michel Van Eeten, Nico Van Eijk - Security Collapse in the HTTPS Market
Assessing legal and technical solutions to secure HTTPS

Sharon Goldberg - Why Is It Taking So Long to Secure Internet Routing?
Routing security incidents can still slip past deployed security defenses.

Ben Laurie - Certificate Transparency
Public, verifiable, append-only logs


(newest first)

Respiratio | Thu, 14 Nov 2013 08:59:30 UTC

Hi, nice article. This is exactly why we provide FREE shell and proxy services @ . We also recommend DNScrypt and we have obfuscated ssh, that helps with the GFW. Other features a TOR, Socks5, Squid HTTP and other fun stuff to help people. Intented for journalists, bloggers and all others who really need it!

AA | Wed, 13 Nov 2013 03:29:11 UTC

If everyone else blocked China and injected their DNS so they had no communication - thus no trade or business - they would quickly be stopping their filtering and blocking. It's also probably very easy to do - simply stop querying their root servers for anything. It would be like turning the lights out on China. Just have all other root servers ignore F,I and J queries, or pass any F I J queries to A B or C instead.

johnie | Mon, 03 Dec 2012 06:46:22 UTC

well, it is possible to turn the net off! The did it in Xinjiang for a year after the riots in 2009, and there are reports of complete blackouts around the ares where Tibetan self-immolations are happening.

Yanom | Sat, 01 Dec 2012 13:20:45 UTC

i2p is a better darknet, like tor but without the Achilles heel of a blockable central directory. works fine inside China.

Leave this field empty

Post a Comment:

© 2018 ACM, Inc. All Rights Reserved.