tupperware topics require a more secure layer than beer brewing.

When I clicked on the HTTPS link, I received a warning from Firefox that it couldn't confirm that the link was secure. Opening the details box, I see this:

homebrewtalk.com uses an invalid security certificate. The certificate is only valid for the following names: glockforum.com , www.glockforum.com (Error code: ssl_error_bad_cert_domain)

Hmmmmmm.....

I think the cert has to be through someone like verisign to not give that error (meaning it is local-cert, not paid-for), and unless you are making money from the forum... it may not be cost-effective to pay for a cert for SSL for a beer-forum.

Buuuuuuurp
God I hate looking at that ugly face

The browser throws that error because the Common Name is part of the SSL certificate. IN this case, the cert is www.homebrewtalk.com. If the browser loads a web page over SSL and the web server throws an SSL cert where the CN doesn't match the URL the browser is loading, the browser will throw a warning/error. It's likely the SSL cert is 'legit', but the implementation of said cert is incorrect.

Note: I checked out the cert being presented by https://homebrewtalk.com and it's valid based on the CA chains.

And based on the fact that homebrewtalk.com and glockforum.com are on the same vhost, I'm betting someone just messed up the apache config.

$ host homebrewtalk.com
homebrewtalk.com has address 216.166.0.68
homebrewtalk.com mail is handled by 10 smtp.homebrewtalk.com.
$ host glockforum.com
glockforum.com has address 216.166.0.68
glockforum.com mail is handled by 20 smtp2.gcsbroadcast.com.
glockforum.com mail is handled by 10 smtp1.gcsbroadcast.com.

^^^^ This... and domains often share certs owned by the host on shared boxes. Saves customers money if branding isn't a big deal. I've seen this a LOT with other domains.

Probably just a configuration issue. If you frequent the site, you may consider sending their web admin a note about the issue since it throws up warnings.