I'm currently thinking, be pretty much got too far with all this HTTPS crap... Now that I keeping up-to-date with my browser versions, I'm not allowed to visit certain sites anymore. It seems Chromium (and also Firefox) are now on the very strict site.

For example here when trying to visit aliexpress.com:

I saw this message now quite often. And there is also a lot of documentation to this topic already.

Is it really necessary to have all this trouble, with a protocol that is basically broken by design? You can implement all this HSTS, HPKP and what not else and be still not safe, if your first visit to the site is corrupted.

Even the best part is, that you can not easily override the error message because HSTS! What the...