Misconfigured HTTPS

[ghost]

The owner of level0.osmz.ru has configured their website improperly.

• The certificate is not trusted because it is self-signed.
• The certificate expired on September 6, 2015, 9:49:00 AM GMT.

HTTPS is necessary to log in to OSM with OAuth, logging in fails as of now.

Am I being man-in-the-middled or are you not providing a valid cert?

[Zverik]

HTTPS is not required to sign in via OAuth. I've just tested it and had no warnings or issues.
The website indeed does not have a proper certificate. I am planning to add it when I rewrite the server configuration in Ansible. But for now it would be too messy.

[ghost]

Oh okay. My best guess for my situation is: my HTTPS Everywhere is forcing OpenStreetMap to switch to HTTPS, and OpenStreetMap over HTTPS then forces the callback URL to be HTTPS too.

[sebkur]

Would be cool to have HTTPS :) Nowadays it tends to confuse some users if there's no HTTPS connection, even if it is not strictly necessary in this case.

[waldyrious]

Was this fixed by #52?

[Zverik]

Nope, not yet.