Fedora home server using core 9

[Tim]

On Tue, 2008-09-02 at 12:03 +0200, Timothy Murphy wrote:
> I must say I was fairly unimpressed with the error I got
> when browsing to the suggested URL,
> <https://www.scientificlinux.org/>.
> I know there was some sort of explanation given for this,
> and probably a solution; but I am rather lazy,

You're likely to see that sort of thing a bit more often, now, as
various free projects see the need to use HTTPS, but can't afford the
high prices charged to get certificates that will be recognised by
browsers straight away.  They'll get cheaper, or free, certificates
which you'll need to work out for yourself whether they're trustworthy
by okaying them one at a time, or by adding a root certificate from
whomever countersigned theirs.

The average HTTPS website that "just works" for you has paid a lot of
money to someone like Verisign to assert that they're who they claim to
be, and your browser came with root certificates for Verisign (to let
the browser trust Verisign).  Some just can't afford to do that.

What really annoys me is when some fool thinks that getting a
certificate made out to www.example.com is fine when they try to use it
with mail.example.com, so I always see completely avoidable warnings.
If they'd had the sense to had a wild-card type of certificate made out
to just example.com, or had the certificate cover more than one
sub-domain, or created more than one certificate, things would just
work.

Or worse, they try to use a certificate for a completely different
domain (such as their webmail server answering to another address, as
well).


-- 
[tim at localhost ~]$ uname -r
2.6.25.14-108.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.