Naim email links provide a "not secure" message

Blackbird · January 29, 2025, 12:34pm

I’ve started getting this message if I get an email notification from the Naim forum and click the link. Safari/macos. Anyone else get this?

Alley_Cat · January 29, 2025, 1:22pm

Not seeing that currently in Safari/macOS Sequoia (need to update macOS to 15.3), either with new or old email links.

CraigDal · January 29, 2025, 1:27pm

Sounds like a non-Genuine Naim email.
If you go to the email you receieved and hover your mouse over the link that was sent, does it look something like https://community.naimaudio.com/ ?

If you don’t see “naimaudio.com” at the end and it’s something not related to Naim, it’s not safe.

Martinzero · January 29, 2025, 1:53pm

All fine here, UK and Germany, sometimes Switzerland and Spain
Martin

Richard.Dane · January 29, 2025, 1:53pm

I’ve not seen it. I’ll flag it up to our forum web developer though, just in case…

Blackbird · January 29, 2025, 2:04pm

It’s 100% genuine. I got the email notification from this thread now and get the message posted in my first post. Haven’t seen it before. I believe it started post the “read only” state this forum was in the other day.

PW42 · January 29, 2025, 2:20pm

Yes, I get this as well from the email links (using Firefox as browser).

Seems to think it is an http: not https: site.

Osiris · January 29, 2025, 2:35pm

Naim web management on top of things again…….

ATB, J

Simon-in-Suffolk · January 29, 2025, 3:07pm

what browser are you using on what OS for what URL.

It may be root certificate in your OS/browser has expired or is not in your key chain … you should be able to use the TLS inspector in your browser to see. It might also be that the asynchronous TLS security negotiation is using a cipher suite that is not supported by your browser or OS.

There of course many malevolent reasons which could cause this though feel very unlikely.

I suspect however its an OS problem on your browser not supporting the offered cipher suite, hence the fall back to HTTP, or the certificate expired on the remote server, but if you can share the URL I can validate that.

Blackbird · January 29, 2025, 3:22pm

Latest Safari browser on latest MacOS.

Simon-in-Suffolk · January 29, 2025, 3:28pm

and URL?

For example if I look into community.naimaudio.com. it uses a root trusted certificate

ISRG Root X1

which is listed in my Mac TrustStore file under
file:///System/Library/Security/Certificates.bundle/Contents/Resources/TrustStore.html

Richard.Dane · January 29, 2025, 4:57pm

Our forum web dev has been on the case with Discourse and it should now be solved. If you are still getting the message, please let us know.

PW42 · January 29, 2025, 5:53pm

Now working for me (based on a limited test)

Blackbird · January 29, 2025, 7:30pm

It’s gone now and works as normal

Richard.Dane · January 29, 2025, 7:37pm

Excellent. Thanks for letting me know.