[ale] OpenSSL Cert Quesiton

Jonathan Chum jchum at aismedia.com
Wed Oct 9 09:38:16 EDT 2002


Self signing will still result in the warning because the organization
issuing the certificate is not a authorize organization to issue the cert.
You have to set it in your browser to install the cert. Otherwise, you'll
need to get a real certificate from Thawte or Verisign, though even with the
recent price increase with certs issued by Thawte, it's still cheaper than
Verisign.


Regards,
Jonathan Chum
Systems Developer

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A I S   M e d i a ,  I n c .
"We Build eBusinesses"
115 Perimeter Center Terrace
Suite 540
Atlanta, GA 30346
Tel: 800.784.0919, Ext 502 / Fax: 678.382.2471
http://www.aismedia.com / jchum at aismedia.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


-----Original Message-----
From: cfowler [mailto:cfowler at outpostsentinel.com]
To: ale at ale.org
Sent: Wednesday, October 09, 2002 9:31 AM
To: James P. Kinney III
Cc: Atlanta Linux User Group (E-mail)
Subject: Re: [ale] OpenSSL Cert Quesiton


So if I have 1000 of the exact same certs (same .pem file) then Thawte
will work eh?

I thought there was a way here to do a self signing?


On Wed, 2002-10-09 at 09:27, James P. Kinney III wrote:
> In order to have the error message "go away", you need to have your
> certs "signed" by a group like Thawte or Verisign. It's not $0 (free)
> and they expire.
>
> You can "sel-sign" but then you must "accept" the certificates manually
> in the browser. And you must accept it for each browser that accesses
> the https site.
>
> Thawte is pretty easy and less expensive than Verisign.
>
> On Wed, 2002-10-09 at 08:49, cfowler wrote:
> > I have generated an OpenSSL cert for each of my servers to use with
> > stunnel.  Every time I access https I get an error message that the cert
> > could not be verified.  Is there a way I can easily make this cert
> > verified.  I have the same cert copied to all my machines.  I'm not
> > really interested in the cert just the SSL portion of the connection.
> > I'm tired of this error message.
> >
> >
> >
> >
> >
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info. Problems
should be
> > sent to listmaster at ale dot org.
> --
> James P. Kinney III   \Changing the mobile computing world/
> President and CEO      \          one Linux user         /
> Local Net Solutions,LLC \           at a time.          /
> 770-493-8244             \.___________________________./
>
> GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> <jkinney at localnetsolutions.com>
> Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
>
>



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list