|
Boost : |
Subject: Re: [boost] [website] SSL certificate
From: Eric Niebler (eric_at_[hidden])
Date: 2010-08-16 12:18:14
On 8/16/2010 8:33 AM, Rene Rivera wrote:
> On 8/16/2010 12:54 AM, David Abrahams wrote:
>> At Mon, 14 Jun 2010 09:55:17 -0700,
>> admin_at_[hidden] wrote:
>>>
>>> I recently switched from Firefox to Chromium, and I've been
>>> having issues
>>> accessing [1]https://svn.boost.org. It seems that the SSL
>>> certificate used
>>> for [2]svn.boost.org is ... not issued by one
>>> of the major SSL certificate providers (e.g. VeriSign, GoDaddy)
>
>> If we still don't have a valid cert, we should cert-ainly (sorry)
>> consider taking Bryce up on his offer. Bryce, is this a wildcard
>> cert? If not, how can it work for our subdomains?
>
> Just because a cert is not signed by a built-in CA doesn't make it
> invalid. Having either self signed certs or locally signed certs is a
> common occurrence (I do it for most of my own HTTPS/SSH sites). So I
> don't see a real reason to start paying a major CA for them to sign a cert.
Firefox users are presented with a "Get Me Out Of Here!" page and must
click through a bunch of dialogs to add an exception for the cert. I
think this is a real reason for getting an officially signed cert.
-- Eric Niebler BoostPro Computing http://www.boostpro.com
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk