The invalid certificate was a cloudflare one, so probably acceptable : )
(and it's always better than accessing over HTTP)