Quote Originally Posted by 11Bravo View Post
A VPN serves to hide your IP address from all, giving you a different IP address that can't be mapped back to you. Messages from your device to the VPN server are encrypted and wrapped in an envelope. Any sniffer on your ISP connection cannot see the final destination nor the contents. Once at the VPN server, encryption and envelope are removed, and message is sent to the actual destination. But a sniffer there cannot see the actual IP address is was sent from. And it's one of a LOT leaving, and arriving, from/to the VPN server.

My limited understanding of certificates is they just verify that the site is really the site, not a spoofing site. SSL encryption is still done. So if the site is a bogus site, a VPN will not help as it will capture your login info for the true site. But the messages can't be mapped back to you (ok, maybe the government can with a court order for the VPN'S logs, IF the VPN keeps logs).

I've used VPN's to get past the Great firewall, and a Big Sandbox's firewall, with no knock on my door from LE.
No bro, once an SSL cert is expired, the connection between you and the website is no longer encrypted. All browsers will do this, unfortunately.

Think of all these cert issuers that you need to pay to renew your cert like triads taking protection money. No money = no protection. It's all a money making circus.