httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Lopez <dan...@rawbyte.com>
Subject Re: SSL validation
Date Sun, 04 Aug 2002 03:06:39 GMT


> OK, A friend had said there was a way to override the pop up, so it would 
> still go HTTPS even though the cert was self signed. We have the certs

Nope, no way. This is a test performed by the client.

> configured already but was hoping he was correct and the pop up could be 
> overridden from the server side so the users would not get it, have you 
> heard of any way to do this (short of buying a cert from one of the 
> vendors) ?

You can instruct your clients on how to import your certificate as a trusted
one. This way they will only see the warning the first time.

Cheers

Daniel

> Thx, Richard H
> 
> 
> At 10:51 AM 8/3/2002, Daniel Lopez wrote:
> 
> 
> >On Sat, Aug 03, 2002 at 07:34:45AM -0600, RichardH wrote:
> >> I was told there is a way to use HTTPS without having to purchase an 
> >actual
> >> certificate. I know that it can be done by making your own certificate, 
> >but
> >> how to prevent the warning from popping up on the user side every 
> >time?? Is
> >> there a way to make it override on the user side without having the SSL
> >> cert come from Thawte, etc. ie., with an internally generated certificate
> >> (like a cookie almost) ? I was told this can be done via Apache but where
> >> do you actually override their (user side) checks of the SSL 
> >certification ?
> >
> >The reason why the pop up does not appear in the browser when the
> >certificate was issued by Thawte is because Thawte is one of the 'trusted
> >CAs' that came preinstalled with the browser (For example in internet
> >explorer go to Tools->Internet options->Content->Certificates->Trusted
root
> >certification authorities   to access the complete list)
> >
> >To avoid the pop up, either buy one from them or, if you have control over
> >your clients, you can import the certificate permanently as a recognized 
> >one.
> >
> >I have a chapter online that explains how to configure SSL with Apache 2, 
> >that
> >describes step by step how to create the self-signed certificate.
> >
> >http://apacheworld.org/ty24/site.chapter17.html
> >
> >Cheers
> >
> >Daniel
> >
> >
> >--
> >Teach Yourself Apache 2 -- http://apacheworld.org/ty24/
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

-- 
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message