Subject: [boost] [website] SSL certificate
Date: 2010-06-14 12:55:17
I recently switched from Firefox to Chromium, and I've been having issues
accessing https://svn.boost.org. It seems that the SSL certificate used
for svn.boost.org is either not properly configured, or not issued by one
of the major SSL certificate providers (e.g. VeriSign, GoDaddy). Examination
of the certificate indicates that it's issued by the Computer Science
Department of Indiana University, and the certificate doesn't have a chain
that leads back to a well known CA (the chain is just 'svn.boost.org =>
cs.indiana.edu', and most browsers I've tried don't recognize
cs.indiana.edu as a legitimate CA by default).
If this isn't just a matter of improper configuration (or, for that matter,
just a matter of my browsers being screwy), I'd be happy to offer my own SSL
certificate to Boost. The certificate is a standard SSL certificate issued
by GoDaddy (domain controlled validation, certificate signing algorithm is
RSA 2048 bits), and it's paid through 02/20/2011.
I'm currently using my cert for my Debian mirror, so I would have to revoke
the current certificate, and then submit a CSR from boost.org's server.
Ideally, then I would generate a CSR request, and the boost server would
sign it; I'd end up with a cert chain of 'mysite => boost.org =>
GoDaddy'. boost.org and subdomains would have a cert signed directly by
GoDaddy, so the svn.boost.org cert would be verify by most browsers
If there's any interest in this, please let me know.
- Bryce Lelbach
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk