|
Post by Ela on May 29, 2016 22:40:24 GMT
Related: looks like the Podcasts are hosted off the same device, as the Apple Podcast app displays the same security error even when you've just refreshed to see if there's anything new to download. Yeah, just saw that, too.
|
|
|
Post by Digi on May 29, 2016 22:44:50 GMT
Yeah, as has been said, this is a very simple fix, but is dependant on someone who know what they are doing with the right access, it is those factors that could mean were in for a wait. Who'd be responsible for keeping the certificates valid usually ? The Web Host (HM) or the content provider (BF)?
Regards
mark687
That almost certainly depends on the terms of the contract between BF and their datacentre.
|
|
|
Post by jasonward on May 29, 2016 22:47:10 GMT
Yeah... well... yeah... it's one of those things often fall between the cracks, it's rarely the job of the hosting company, unless that company also offer services around website development and maintenance, it also depends on the size of organisation and how important their website is to them.
Ultimately of course, responsibility lies with BF, but given that BF don't have their own IT department and out source website development and maintenance, it probably lies with the outsource company, BUT if BF pay for website development on a call off basis then it could quite easily that no one actively looks after the technical side of the website.
I've worked at companies that have had to work through these kind of issues as they grow, it's difficult to know where BF are in terms of size these days but it is clear that a large proportion of their sales is dependant on their website, it could well be that BF have reached the time and size when they should be in-sourcing the website and development team etc, it a weird kind of space, too big to use ad-hoc services, too small to be able to properly out source and get high quality solutions.
|
|
|
Post by mark687 on May 29, 2016 22:47:38 GMT
Who'd be responsible for keeping the certificates valid usually ? The Web Host (HM) or the content provider (BF)?
Regards
mark687
That probably depends on the terms of their contract between BF and their datacentre. Cheers for the info
Regards
mark687
|
|
|
Post by mark687 on May 29, 2016 22:58:51 GMT
Yeah... well... yeah... it's one of those things often fall between the cracks, it's rarely the job of the hosting company, unless that company also offer services around website development and maintenance, it also depends on the size of organisations and how important their website is to them. Ultimately of course responsibility lies with BF, but given that BF don't have their own IT department and out source website development and maintenance it probably lies with the outsource company, BUT if BF pay for website development on a call off basis then it could quite easily that no one actively looks after the technical side of the website. I've worked at companies that have had to work through these kind of issues as they grow, it's difficult to know where BF are in terms of size these days but it is clear that a large proportion of their sales is dependant on their website, it could well be that BF have reached the time when they should in-sourcing the website and developers etc, it a weird kind of space, too big to use ad-hoc services, too small to be able to properly out source and high quality solutions. Thanks
I've no knowledge of running a website but it just seems like a basic housekeeping error that's proving major ally disruptive and time consuming to fix. and potentially PR damaging at a time when BF's profile is at its highest.
Regards
mark687
|
|
|
Post by Ela on May 29, 2016 23:01:49 GMT
It is a basic housekeeping error, but it's something that happens and can fall through the cracks. I've seen it happen with other sites, too.
|
|
|
Post by jasonward on May 29, 2016 23:09:32 GMT
I've no knowledge of running a website but it just seems like a basic housekeeping error that's proving major ally disruptive and time consuming to fix. and potentially PR damaging at a time when BF's profile is at its highest. I couldn't agree more, but in all probability BF just are not paying anyone to look after issues like this. When they were a really small company, a few hours, even maybe days website down time was annoying but not a major issue. Now its much more of an issue, BUT are BF making enough money to be able to afford to pay someone to make sure it doesn't happen? As I say, I would guess, as with most companies in BF's position, they are currently paying their web developers on a per job basis/ad hoc basis, and their hosting company for hosting and bandwidth. Even if you pay a web developer/company for some kind full service deal, in truth web developers are focused on getting more work and developing, not watching and monitoring your servers for up and coming issues. It is an important area, but that BF have experienced a failure in this does not at all surprise me, whilst I wasn't thinking about certificate expiry I have been thinking over the last few months that BF are in the space I've seen many companies in, needing more and better services from and for their website, but with no skills in house to do it, and probably fear about committing to long term expenses which until now they've avoided.
|
|
|
Post by Digi on May 29, 2016 23:12:24 GMT
I work at a DC, and certificate errors are one of those things that (as Jason & Ela say) fall through the cracks all the time.
In my experience it's kind of just a confluence of issues that you really can't (or at least shouldn't) nail any one person to the wall for. Things like certificate renewals usually ask for an email to send notification to when expiration is near. But that in itself is fraught with problems: - IT companies are constantly being bought and sold, so email domains are forever in flux - people go away on vacation, and maybe the reminder comes in while they're away (and it's automated, so it doesn't get re-sent to someone else) - IT (in my experience) has huge personnel turnover, so it's entirely likely that the person who set up the reminder is long gone from the company
I didn't realize till reading Jason's post that BF doesn't have an internal IT team of their own (I actually find that rather surprising). That being the case, the process is most likely 1) External users (ie us) report a problem 2) Someone at BF checks to make sure we're not bs'ing them 3) BF has to get in touch with their own employee who has access to the DC's ticket/case/incident portal 4) That individual generates an incident with their DC for resolution 4.5) Depending on how big the DC company is, the ticket might not get to the specific DC in a timely manner 5) Once it gets to the relevant DC, the on-site tech team prioritizes it--they have other customers who may have more critical issues 6) The DC techs troubleshoot problem 6.5) Additional jiggery-pokery may be required, if the certification security checks are registered to someone no longer employed there 7) Reboot for good measure 8) Check back with BF to make sure it's working
Depending on delays at any step along the way, it could be a few minutes to a few hours to resolve. We appear to be on the longer end of that scale.
|
|
|
Post by SoundableObject on May 29, 2016 23:15:50 GMT
Big Finish website is back. And not a moment too soon.
|
|
|
Post by mark687 on May 29, 2016 23:18:27 GMT
Big Finish website is back. And not a moment too soon. with the Barrowman Podcast
(the man's a menace )
Regards
mark687
|
|
|
Post by Digi on May 29, 2016 23:20:02 GMT
Big Finish website is back. And not a moment too soon. with the Barrowman Podcast
(the man's a menace )
Regards
mark687
LOL
|
|
|
Post by Ela on May 29, 2016 23:34:17 GMT
Big Finish website is back. And not a moment too soon. Was just coming here to post that. And edited the thread title to reflect that.
|
|
|
Post by SoundableObject on May 29, 2016 23:46:46 GMT
I can only assume the Big Finish security certificate renewal sale is coming tomorrow
|
|
|
Post by jasonward on May 29, 2016 23:48:11 GMT
lol, well they have sales for everything else... so yeah.
|
|
Tony Jones
Chancellery Guard
Professor Chronotis
Still rockin' along!
Likes: 2,132
|
Post by Tony Jones on May 30, 2016 8:18:33 GMT
Yeah, as has been said, this is a very simple fix, but is dependant on someone who know what they are doing with the right access, it is those factors that could mean were in for a wait. Who'd be responsible for keeping the certificates valid usually ? The Web Host (HM) or the content provider (BF)?
Regards
mark687
I would think there would be a warning email. I get them for my domain names so I imagine SSL certificates do as well
|
|