Thank you all for the replies, as I said, I “know” EuroGA so didn’t have any worry to go on through to the website, but wondered if it was just me or a general site issue, that @Peter might want to know about as a potential problem. I’m sorry I haven’t replied earlier – I don’t live on the forum and went flying yesterday… 
As he suggested, it was only a problem when trying to get onto the forum on this Chrome/Android device and has indeed gone away since I last looked at the site yesterday. Now I roughly understand what was going on, I will know for the future.
Regards, SD..
skydriller wrote:
as I said, I “know” EuroGA so didn’t have any worry to go on through to the website,
In theory you should, as an invalid certificate could mean that you are actually not connected to EuroGA – possibly because of a “man in the middle” attack where someone is relaying your communication with EuroGA and picking up your password in the process.
Really? If I know the web address us correct and have not had the message on another site? Would you suggest trying another device first? What?
How can you check?
To get CloudFlare to accept it, is it specially declared in your CloudFlare account?
Yes; CF now hosts the DNS. And then it offers many facilities, whose choice depends on whether it is a free account (for nonprofit users) or various levels of paid ones, right up to 4 figures a month for users who need a high level of DOS attack protection (Mumsnet is a well known example). On our free account we can have e.g. five rules like blocking a country (Russia and China are blocked right now) which can be done in any decent firewall but the IP list for e.g. Russia is c. 10k lines.
as an invalid certificate could mean that you are actually not connected to EuroGA
That should never happen because CF looks after the HTTPS stuff, and if they drop the ball, hell will break loose with many big-name sites.
How can you check?
If your browser shows the lock symbol
then you are good. This is not actually 100% because your PC can be remotely compromised and the certificate store (cacert.pem) can be replaced, but nobody wants to talk about that because there is no defence to it (without 100% physical (site access) security there is no security whatsoever).
As an aside, Chrome is now replacing some text like “gallois” with “welsh”. I will leave it to you lot to work out what is causing this
Peter wrote:
That should never happen because CF looks after the HTTPS stuff, and if they drop the ball, hell will break loose with many big-name sites.
It is precisely because it “should never happen” that when it happens, it could be cause for a real alarm. Precisely because a f**k-up by CloudFlare is unlikely that the cause is very likely elsewhere, e.g. skydriller connected from a “friend’s” WiFi network and that friend was actually intercepting his communication.
skydriller wrote:
Really? If I know the web address us correct
The whole point of the whole TLS/certificate system is to ensure your browser is indeed communicating with the website that was entered into the URL bar and not another one. So, yes, if the URL in the address bar is correct, and you get a certificate-related warning, it could be an interception of the communication, … or something else.
skydriller wrote:
and have not had the message on another site?
If we think about communication interception scenarios, it is entirely possible for an attacker to intercept communications with one website but not the others. Whether the communication between you and EuroGA would be such a valuable target is another question :) Let’s say that if it happens on your Internet Banking, webmail or other “important” website, in general do not click through blindly.
skydriller wrote:
Would you suggest trying another device first?
That is a sensible idea. Connected to the same network, connected to another network. And (for an important website) if it works there, use that other device…
skydriller wrote:
How can you check?
With some training and having gone through examples, one can look at the certificate and see the problem, and make an informed decision on that basis. On Firefox, click “Advanced”, read the text that appeared, click “view certificate” and… apply your training.
For examples, see the links on https://badssl.com/
E.g. for an expired, but otherwise valid certificate:
A recently expired certificate is most likely only that the website operator “forgot” to renew it (extremely unlikely for EuroGA because CloudFlare takes care of it); I would click through that warning for a website that is not behind a big automated system like CloudFlare.
But errors like revoked, self-signed and untrusted root are much more likely to be a real suspicion.
The “wrong host” error… let’s say if you try to connect to “airports.euroga.org” but you get a valid certificate for “www.euroga.org”, that’s likely just a misconfiguration of the website operator. The same if you know for sure that example.org and example.com and example.co.uk are the same website / same operator, but you get a certificate for one of them when connecting to another of them. But if example.co.uk and example.com are not the same website/operator, then more likely to be a real suspicion. If you try to check things manually like that, beware of similar (or even identical) graphemes, like “O” (capital letter oh) and “0” (digit zero), “l” (lower case letter el) and “I” (upper case letter i), “A/a” (latin/english letter a) and “A” (Greek letter alpha) and “А/а” (cyrillic letter а). E.g. euroga.org and еurоgа.org ARE NOT THE SAME WEBSITE (three letters differ!!!).
Well I suppose that is an accurate translation the origin of Welsh like Walloon meaning foreigner.
Gallois does literally translate in Google translate as Welsh. Funny that I do have Welsh ancestors.
Yeah, but why does it do that?
If that’s directed at me I haven’t a clue. Whilst I have had the same message as skydriller I haven’t the slightest clue what has been discussed here about certificates. Its rocket science to me.
When it happened.to me I had to re-sign in.and the message went away.
But I perhaps now know why I could not read euroga in Egypt.
It is caused by the google translate Chrome plug-in spotting some French text and then going ahead to translate all “French” it can find to English 
lionel wrote:
Precisely because a f**k-up by CloudFlare is unlikely that the cause is very likely elsewhere, e.g. skydriller connected from a “friend’s” WiFi network and that friend was actually intercepting his communication.
Exactly! Such a network could provide a fake DNS server which redirects www.euroga.org to another server which passes all messages on to EuroGA while at the same time intercepting everything which is sent, including passwords. Cloudflare can do nothing to prevent that. The only protection is that the certificate will be invalid.
