https://www.gainstrack.com is now live. At some point it should become default. This is important so that passwords sent to the site are encrypted when logging in.
On a side note, I find it ironic that sending passwords to websites on unencrypted http raises no warnings while sending to encrypted self-signed websites raises all sorts of alarm bells. How is the former better??
Fortunately, setting up https is easier than it used to be. I thank Startssl for their free basic SSL certificates and this blog post for explaining how to set it up for the nginx server. According to the SSLlabs report, the site is all good to go!
Time to update the links for my training log to https://www.gainstrack.com/user/KevinTam