httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jorge Schrauwen" <jorge.schrau...@gmail.com>
Subject Re: 2.2.4 windows binary w/ssl?
Date Wed, 10 Jan 2007 21:10:24 GMT
Do note that not all users that will chose the SSL package will know how to
correctly fill in the fields. My experience tells me if there is a package
with XYZ and without most chose it with XYZ even if they don't need it.

So if there is a dialog in the installer that would ask for the
information... make sure there is lots of information available on what to
enter!

My 0,02 EUR Cent ;)

On 1/10/07, Issac Goldstand <margol@beamartyr.net> wrote:
>
> I think the MSI should autogenerate a self-signed cert at least (last
> thing we need is for people to deploy a static pre-distributed cert
> which would make it that much easier to do man-in-the-middle attacks).
>
> Would be great if the MSI had a choice to use an existing cert, or
> generate a new one with a user supplied DN (fill-in fields for CN, OU, O
> , L, ST, C), and generated a self-signed cert with that + a .csr for
> sending to a Trusted Third-Party for signing.
>
> Would also be great if there was some GUI for importing a signed cert
> post-install, similar to the IIS wizard, but that's probably pushing it.
>
> Just my $0.02,
>   Issac
>
> William A. Rowe, Jr. wrote:
> > A final question for all, do we wish to install an arbitrary, on the
> fly self
> > signed default.crt/default.key?  Do we want to help them fill out the
> details
> > or use stock details?  Or do we want them to use openssl.exe to generate
> one
> > for themselves?
>



-- 
~Jorge

Mime
View raw message