Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

HTTPS?

This site may earn commission on affiliate links.
bmah

bmah

Moderator, Supercharger Hunter
Global Moderator
Mar 17, 2015
5,968
13,710
Lafayette, CA, USA
#1
I wasn't able to find any query like this in the forums so far so...

Any chance of getting the forum to work over HTTPS instead of (or in addition to) plain HTTP? It sort of halfway works for the first page load, depending on browser settings, but then any click seems to go back to using HTTP.

One reason to do this is the when users login, at least some part of their credentials get passed in the clear over the network.

Thanks!
 
#2
I hear ya. I'd like us to switch to https exclusively, but vBulletin, our current forum software, does not make it easy. The problem is there are a lot of non SSL elements, e.g. externally hosted embedded images, etc. Most modern browsers will basically block the entire page when that happens.

We're looking to migrate platforms, which will get more attention after TMC Connect. Note that the event website does have SSL.
 
#3
doug said:
I hear ya. I'd like us to switch to https exclusively, but vBulletin, our current forum software, does not make it easy. The problem is there are a lot of non SSL elements, e.g. externally hosted embedded images, etc. Most modern browsers will basically block the entire page when that happens.
Click to expand...

In a way it's comforting to know I'm not the only person who's thought about this.

We're looking to migrate platforms, which will get more attention after TMC Connect. Note that the event website does have SSL.
Click to expand...

Cool, thanks!

Bruce.
 
#4
Have you considered an SSL front end/load balancer that would do the SSL on the client side but leave the backend non-SSL? Not ideal if done incorrectly, but could be done with one of many services, like an AWS Elastic Load Balancer I believe. Can also get IPv6 support this way.

Isn't TMC on AWS now? Should be relatively straightforward to put the site behind an ELB and enable SSL on the client side of things. Would only be non-SSL internally at that point. I've done this previously, and it works reasonably well.

(I had this discussion recently and.... I can't remember if it was here or not....)
 
#9
wk057 said:
Have you considered an SSL front end/load balancer that would do the SSL on the client side but leave the backend non-SSL? Not ideal if done incorrectly, but could be done with one of many services, like an AWS Elastic Load Balancer I believe. Can also get IPv6 support this way.

Isn't TMC on AWS now? Should be relatively straightforward to put the site behind an ELB and enable SSL on the client side of things. Would only be non-SSL internally at that point. I've done this previously, and it works reasonably well.
Click to expand...

^ I still think this is probably the best bet for pretty much immediate IPv6 and SSL support for TMC. :-D
 
#10
The issue isn't the cert. It's the mixed elements on the forum. Of course we use SSL on the TMC Connect registration site which is the same domain. Well be full SSL when we change platforms, which will be soon. Perhaps by next week if I can cross all the Ts.
 
You must log in or register to reply here.

Similar threads

dlorenz786
  • Question
Trouble Replying on a Supercharger Thread
Replies
1
Views
120
Off Topic
ewoodrick
E
A
WARNING - Car Report Scam- VinGator
Replies
3
Views
942
Off Topic
swaltner
swaltner
A
Browser forces HTTPS on HTTP site
Replies
10
Views
2K
Software: Firmware Updates, Features, Tesla App
thesmokingman
thesmokingman
scaesare
Broken embedded twitter images?
Replies
1
Views
525
Site Feedback & Announcements
scaesare
scaesare
CXCRaffle
Vendor One month left to win a Model S Plaid or any other EV, taxes paid!
Replies
4
Views
592
Model S: Ordering, Production, Delivery
CXCRaffle
CXCRaffle
Top
Back
Blog
New
Forum list
Marketplace
Menu