Not sure how to let Tesla know, but the certificate for www.teslamotors.com expired 10 days ago and redirects aren't being sent back to users accessing old URLs. They're just getting a security error.
Yes, I’m getting the same warnings on my iPhone.
See the related thread from TMC: https://teslamotorsclub.com/tmc/threads/strange.176357/
From that thread, they point out ir.teslamotors.com works fine, which is interesting considering that its certificate was issued January 16, 2019 and expires on February 3, 2021. They could just use that cert for the main www.teslamotors.com site.
I IGNORE ANY/ALL information found on TMC dot con, it's a troll based farm using A squared methodology to incite advert. consumers. The T site's Security cert is just fine. Drive by for another fake advert......
@BadgerErickson - While you might not be interested in TeslaMotorsClub.com, the certificate for www.teslamotors.com has indeed expired.
Here is the error message:
"This server could not prove that it is www.teslamotors.com; its security certificate expired 11 days ago. This may be caused by a misconfiguration or an attacker intercepting your connection. Your computer's clock is currently set to Thursday, December 12, 2019. Does that look right? If not, you should correct your system's clock and then refresh this page."
I always wonder about people like BadgerErickson who attack and make comments about things that you know nothing about.
Who cares about Teslamotors.com? It was retired 2-3 years ago. The current site is Tesla.com and its certificate is up to date.
@ reed lewis ;it has NOTHING to do with my "interest" but pointing out a scam: freeloaders making money off of EM's brilliance, parasites really, at TMC dot cons......
I just finished multiple correspondence with Tesla via their website, e-mails etc.. There is NOTHING wrong with their Security certificate(s). My E-mail systems are encrypted and would have notified me of ANY Security problems therein.
"I always wonder about people like BadgerErickson who attack and make comments about things that you know nothing about." LOL, thanks for playing, try again.....;-)
@BadgerErickson - The certificate for Teslamotors.com had expired. This is not conjecture, opinion or anything like that. It is a fact.
Your response shows that you know very little about security. It was the certificate for the web page teslamotors.com that was expired. it would not occur or exhibit itself in an email exchange. That uses a completely different channel.
Look, I have 25 years of internet security experience. I have been creating SSL certs for 15 years. I have written SSL libraries. I simply know more about this than you think you do.
...And again, what does TeslaMotorsClub have to do with TeslaMotors.com? There is no connection.....
....but it looks like teslamotors.com is now not connectable anymore. It seems that Tesla shut it down.
@reed_lewis - I have a huge amount of respect for anyone that navigates the nightmare of SSL certificates. I've done quite a few myself but always seems to be such 1990's process. I understand the reasons, but you'd think someone would fully automate the service and just bill me. Never got AutoSSL to work, but also didn't spend much time with it.
Let's Encrypt is all the rage.
Amazon AWS makes it pretty seamless also these days.
teslamotors.com used to be Tesla's domain. They changed to tesla.com three or four years ago, but forwarded teslamotors.com to the equivalent page.
Now, it's clear they plan to just park teslamotors.com. Change all URLs to tesla.com/xxx and all is good.
We wanted to encrypt some basic stuff recently in our product. My chief of R&D suggested AWS. I was very surprised at that suggestion. We did it another way, since we don’t use AWS but google. However, Amazon AWS continues to lead because of small things like these.
AWS ACM for EC2 elastic cloud is free, autorenews, and easy to set up. We use it for our consumer servers.
Their certificate is just fine, there's nothing wrong, I saw it in the 4th dimension and all is well SpaceBalls.
@Redshift, only if you are using AWS completely. You don’t have access to the entire cert.
But they rotate automagically behind the scenes, which is handy.
It’s a trade-off.
BTW, I thought YOU were the chief of R&D!.?
SSL is a nightmare to work with. As an example I had an issue where I was working to secure a webserver that was an API gateway. Some clients could connect successfully with just the correct certificate , while others needed the entire trust chain embedded into the file that was delivered. It took three days to figure out that little issue...