developer.ecobee.com website is not configured properly

Hi, when I try to access this website using Firefox, I get the following error:

"Your connection is not secure

The owner of developer.ecobee.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

developer.ecobee.com uses an invalid security certificate. The certificate is only valid for the following names: *.getsatisfaction.com, getsatisfaction.com Error code: SSL_ERROR_BAD_CERT_DOMAIN"

I am currently connecting using insecure Internet Explorer, which doesn't seem to mind... I think it would be better if you could address this on your end.

Thanks,
Daniel
1 person has
this problem
+1
Reply
  • I’m frustrated
    No one?

    Even using IE on WinXP is giving me a big warning that I have to override using a "not recommended" option to get through.

    Surely ecobee doesn't intend to have people do this every time they want to access the http://developer.ecobee.com/api website? (notice it drops the "s" in "https").

    Thanks for looking into it. I think it's important.
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly indifferent, undecided, unconcerned happy, confident, thankful, excited sad, anxious, confused, frustrated

  • 1
    Hi,

    It seems that a few browsers (IE, Firefox, Tor) picked up a commit to the Chrome HSTS preload list where our domain was briefly listed a few months back. These browsers seem to lag the Chrome list in removing our site. It appears that new nightly builds of IE and Firefox have removed us from their lists. In the meantime, you can visit https://ecobee.com (note, no 'www') to have your browser remove the HSTS entry for our domain. Following that you should be able to visit http://developer.ecobee.com/api without any browser warnings.

    We're working on implementing HSTS support across all our sub-domains, but at present HTTPS is not supported across all our vendors. We hope to have this resolved in the near future. Thanks, and please let us know if you have any further problems after taking the above steps!

    Jari
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly indifferent, undecided, unconcerned happy, confident, thankful, excited sad, anxious, confused, frustrated

  • I’m Happy
    Hi Jari,

    Yes, that fixed it! Thanks for responding and explaining.

    Issue is solved for me.

    Regards,
    Daniel
  • (some HTML allowed)
    How does this make you feel?
    Add Image
    I'm

    e.g. kidding, amused, unsure, silly indifferent, undecided, unconcerned happy, confident, thankful, excited sad, anxious, confused, frustrated