Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Disable HTTPS-Everywhere for the site if you have that installed. Took me quite a while to figure out.


Why does the https redirect to http? Symantec can't afford to give itself a certificate?

the java server pages application that serves the main site has extended validation https://www.symantec.com/index.jsp

but connect doesn't. It seems like https://www.symantec.com/connect/ redirects to http://www.symantec.com/connect/

r.port="https"===o[0]?"443":"80"

Why can't Symantec afford to put ssl on its connect site? It is not like they have to pay anyone for a certificate...


Not even that, the domain already has a certificate, they're forcing a redirect to HTTP on a domain that already has a certificate.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: