Boost logo

Boost :

Subject: Re: [boost] [website] SSL certificate
From: Eric Niebler (eric_at_[hidden])
Date: 2010-08-16 12:18:14

On 8/16/2010 8:33 AM, Rene Rivera wrote:
> On 8/16/2010 12:54 AM, David Abrahams wrote:
>> At Mon, 14 Jun 2010 09:55:17 -0700,
>> admin_at_[hidden] wrote:
>>> I recently switched from Firefox to Chromium, and I've been
>>> having issues
>>> accessing [1] It seems that the SSL
>>> certificate used
>>> for [2] is ... not issued by one
>>> of the major SSL certificate providers (e.g. VeriSign, GoDaddy)
>> If we still don't have a valid cert, we should cert-ainly (sorry)
>> consider taking Bryce up on his offer. Bryce, is this a wildcard
>> cert? If not, how can it work for our subdomains?
> Just because a cert is not signed by a built-in CA doesn't make it
> invalid. Having either self signed certs or locally signed certs is a
> common occurrence (I do it for most of my own HTTPS/SSH sites). So I
> don't see a real reason to start paying a major CA for them to sign a cert.

Firefox users are presented with a "Get Me Out Of Here!" page and must
click through a bunch of dialogs to add an exception for the cert. I
think this is a real reason for getting an officially signed cert.

Eric Niebler
BoostPro Computing

Boost list run by bdawes at, gregod at, cpdaniel at, john at