[quote=“My1, post:17, topic:8523”]
well I thought there are downgrade protections everywhere and I see no reason to downgrade, I mean if you go through the trouble of getting a cert in the first place then use it.
[/quote]Transparent HTTPS —> HTTP redirect without any warnings indicates TLS server running on 443 port with publicly-trusted certificate and cipher suite overlap with common clients. Once a client sends application data (GET / HTTP/1.1), a server replies with 3xx redirect to HTTP location.
It’s very common. Visiting such sites is my daily routine.
When I need to share a site HTTP by default but supporting HTTPS with publicly-trusted cert, I share HTTPS link. If a site goes full HTTPS, links shared by me have already been HTTPS, good to be smart like that.
Yes, such redirects can result in frustration and despair. For example, instead of site you see 451 from your ISP or even IP-transit operator, so you try HTTPS. When you see 451 again without any trust warnings, it’s super-creepy. I have seen such happening with NSFW site about hamsters, shame on them.