We are currently using a self signed certificate.
This will require that your browser warn you about the certificate since it isn’t in your browsers list of known public certificate authorities you will have to manually select (in safari) “show certificate” (which will have a red warning saying “This root certificate is not trusted”). This is because it is not verified by a Certificate Authority and therefore not pre-bundled in your browser’s list of trusted certificates. Though with Verisign recently admitting to being repeatedly hacked or StartSSL recently discontinuing its free ssl certificate service indefinitely for the same reason, the value of purchasing a verified certificate is debatable.
The problem with the CA’s is they’re a high value target and sadly even robust security these days is no guarantee. The strategy for our operation is, besides not being subject to the same threat level, take as many additional steps to lock out malicious code as possible. I will leave it to you to decide whether or not you choose to trust this connection.
We do not log visitors unless they are attempting to brute force their way through our security and escalate privileges, then they get caught up in our authlogs as failed attempts allowing us to ban them.
Clicking “Continue” will take you on to the website and our packets are now encrypted. This makes it more difficult to intercept our conversation on any computer that exists in the route between your desktop / laptop and our Linode VPS in California. They’re a particularly solid hosting service with a great community, and seriously thorough set of docs to help you through the pain of running your own VPS in order to have a secure development environment and root access (all to avoid the pitfalls of shared hosting).
If you choose to trust hempsaves.net, click on “Show Certificate” and select “Always trust “hempsaves.net” when connecting to “hempsaves.net” then click “Continue” and our servers certificate will be added to your browsers list of trusted certificates and that will keep this dialog from popping up every time you visit. In the event you decide to revoke this certificate, that can easily be accomplished in most browsers, although depending upon whether you’re using a Safari on a Mac, firefox on a windows machine, or chrome on a linux box the procedure will vary.
Additional Security For Your Browser
Ghostery is a very nice browser plugin that shows you all the trackers on a website allowing you to run them or block them selectively.
For a bit better security use Tor-Browser
Or you could go completely stealth with a Debian / Linux / Tor variant and build a Whonix box