tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "robert lazarski" <robertlazar...@gmail.com>
Subject Re: Can APR use verisign certs ?
Date Tue, 09 Jan 2007 21:05:15 GMT
On 1/9/07, robert lazarski <robertlazarski@gmail.com> wrote:
> On 1/9/07, Peter Crowther <Peter.Crowther@melandra.com> wrote:
> > > From: robert lazarski [mailto:robertlazarski@gmail.com]
> > > http://alpha-web01.alphatheory.com/atdev/
> >
> > The cert's issued to dpt.alphatheory.com; you're testing connections to
> > alpha-web01.alphatheory.com.  Any sensible browser will scream at that
> > difference.  If they didn't, crackers would be able to get a cert for
> > www.somesillyname.com, install it on a spare server, poison the DNS for
> > www.amazon.com and the browsers wouldn't scream as they were redirected.
> >
> > You will get errors from every browser with that cert unless/until they
> > connect to https://dpt.alphatheory.com.
> >
> >                 - Peter
> >
>
> Can I please ask for more assitence ? I'm getting a date error on this
> site in both IE6 and firefox 1.5 - 2.0 that I don't understand:
>
> https://dpt.alphatheory.com/
>

On firefox 1.5 I'm getting "could not verify the cert because the
issuer is unknown .

Any ideas ?

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message