[rt-users] HTTP and HTTPS on same RT server?

Matt Westfall erkdog+lists at fiftypounds.com
Tue Feb 26 20:59:45 EST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Godaddy sells valid ssl certs for 20 a year.  *rolls eyes*
Matt Westfall
Owner / Operator
FiftyPounds Internet
http://www.fiftypounds.com

This message is digitally signed with Pretty Good Privacy (PGP)
Info: http://en.wikipedia.org/wiki/Pretty_Good_Privacy



Lutz Jaenicke wrote:
| jmoseley at corp.xanadoo.com wrote:
|> Better yet, import the self-generated CA cert (that you used to sign each
|> of your SSL certs) into each browser as a trusted root certificate
|> authority and no more warnings...
|>
|>
| This is a pretty bad idea unless you are living in a closed system.
| If I add the "xanadoo.com" root CA to my trusted root CAs my browser
| would stop warning me if I hit a https://www.mytrustedbank.com/ forged
| website with a certificate signed by the "xanadoo.com" root CA.
| The trust model used with typical browsers is such that you better only
| add those root certificates you _really_ trust and don't add lots of
| home grown root CAs on the way.
|
| Best regards,
|     Lutz
| PS. Please no new discussion about how trustworthy Verisign et al might
| ultimatively be as root CAs. That's a topic of its own.
| _______________________________________________
| http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
|
| Community help: http://wiki.bestpractical.com
| Commercial support: sales at bestpractical.com
|
|
| Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
| Buy a copy at http://rtbook.bestpractical.com

- --
Matt Westfall
Owner / Operator
FiftyPounds Internet
http://www.fiftypounds.com

This message is digitally signed with Pretty Good Privacy (PGP)
Info: http://en.wikipedia.org/wiki/Pretty_Good_Privacy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHxMQRb/8X6V5MpAURAhYGAJ9JgNZWpPXf6tEQ09RnA4klWvqIqQCgjjuC
2i+nHaUoq602tvKO3V/H/CQ=
=kYP4
-----END PGP SIGNATURE-----



More information about the rt-users mailing list