Hello,

With recent movements by browsers like Chrome and Firefox pushing for sites to move from HTTP to HTTPS, I was wondering if you had any plans on adding SSL Certificates for ACC? For those that don't know, browsers like the ones I mentioned are starting to really point out sites to the users that are not properly encrypted with SSL, informing the user that the connection is unsecured and may not be trustworthy.

I added them myself to my own site and the method I used was simple (and free).  I'd be more than willing to pass on the resources I used to whomever might be in a position to do so; though that has to be someone who has access to FTP and the hosts Control Pannel (whatever that might be).

Regardless of how or who though, I would strongly suggest it as some traffic may be scared off by the warnings now coming in from their browsers; plus, it really is a good idea to secure sites to the best of your ability, and the sad truth is that HTTP is vulnerable no matter what precautions you take otherwise...  HTTP data can get intercepted between the user and website by a 3rd party.

DW

Yeah, this is all stuff I've been saying for years. Unfortunately there is no version of IIS that is both old enough to support the various ancient ASP addons we need and new enough to support the certificates issued by Let's Encrypt, and setting up anything more complicated like a reverse proxy relies very much on prolonged communication with the site owner jader201, who is barely active at all these days. This is yet another reason why we're working to recode the whole site from scratch on a much more modern stack, under the direct control of the developer team.

If it's any help, we're planning to split out authentication to its own server soon, so at least things like the login form will be served over HTTPS.