PHWinfo - Afficher un message - Alias in conf file to send users to httpS://

09/05/2007, 19h19

On May 9, 4:03 pm, "Paul" <l...@invalid.com> wrote:
> >> > When you set up SSL, visithttp://www.cacert.org/tograb
> >> > multiple certs for free.
> >> >http://wiki.cacert.org/wiki/VhostTaskForce
> >> >http://wiki.cacert.org/wiki/VhostsApache
> >> > tells you how to set it up so you can use name based vhosting and have
> >> > a cert for each servername on the same IP
>
> >> > whether you can do this however depends on how your hosting company
> >> > has set up your package. (I am assuming its a shared package and you
> >> > dont control the configuration of certs)
>
> Shimmy - I can't find much on whether cacert.org certificates are widely
> pre-installed/accepted in brwosers or will the user receive a security
> notification thus not making much difference than self-certifying.
>
> Thanks again for you here!

supporting them is the same as rolling your won, except we move one
stage further towards main stream browser acceptance; here's the
official response to your query (answered on the mailing list on 3rd
mar 07):

-------
Well, if you want free certs there are two options: make your own CA,
or use CAcert. If you're only going to use the certificate internally,
there is no real advantage to CAcert certificates. If you're going to
use the cert on the web or to encrypt/sign e-mail or to sign documents
and code, then using CAcert is better. Why?

Once people decide to trust CAcert, by importing the root cert, and
many people already trust cacert implicitly as you can see in the link
I sent you, they will no longer get a warning on any CAcert
certificate they run into. But more importantly, they will also be
able to trust your identity, which is great for signed e-mails,
documents and code. That is something you can never provide yourself,
unless of course you only communicate with close friends.

So of course a cert which gives no warning message is far nicer, but
CAcert is the next best thing, and a nice option for many people. In
the past I used my own CA on my servers, but decided to switch to
CAcert because it provides a higher level of trust and authentication
than I can provide myself. It also s that I run various Linux
servers and desktops such as Debian and Gentoo, which both include
CAcert as trusted root.

Your situation may be different of course.

Greetings, Martijn
-----

the link he refers to is:
http://wiki.cacert.org/wiki/InclusionStatus
hope that s you with your decision, personally I decided to go
with it!!

heres the warning you get in opera, (you get the chance to press
accept - if a user reads it!)
----
- The certificate for "www.sharetvnews.com" is signed by the unknown
Certificate Authority "CA Cert Signing Authority". It is not possible
to verify that this is a valid certificate
----

09/05/2007, 19h19	#6
shimmyshack Messages: n/a Hébergeur:	Re: Alias in conf file to send users to httpS:// On May 9, 4:03 pm, "Paul" <l...@invalid.com> wrote: > >> > When you set up SSL, visithttp://www.cacert.org/tograb > >> > multiple certs for free. > >> >http://wiki.cacert.org/wiki/VhostTaskForce > >> >http://wiki.cacert.org/wiki/VhostsApache > >> > tells you how to set it up so you can use name based vhosting and have > >> > a cert for each servername on the same IP > > >> > whether you can do this however depends on how your hosting company > >> > has set up your package. (I am assuming its a shared package and you > >> > dont control the configuration of certs) > > Shimmy - I can't find much on whether cacert.org certificates are widely > pre-installed/accepted in brwosers or will the user receive a security > notification thus not making much difference than self-certifying. > > Thanks again for you here! supporting them is the same as rolling your won, except we move one stage further towards main stream browser acceptance; here's the official response to your query (answered on the mailing list on 3rd mar 07): ------- Well, if you want free certs there are two options: make your own CA, or use CAcert. If you're only going to use the certificate internally, there is no real advantage to CAcert certificates. If you're going to use the cert on the web or to encrypt/sign e-mail or to sign documents and code, then using CAcert is better. Why? Once people decide to trust CAcert, by importing the root cert, and many people already trust cacert implicitly as you can see in the link I sent you, they will no longer get a warning on any CAcert certificate they run into. But more importantly, they will also be able to trust your identity, which is great for signed e-mails, documents and code. That is something you can never provide yourself, unless of course you only communicate with close friends. So of course a cert which gives no warning message is far nicer, but CAcert is the next best thing, and a nice option for many people. In the past I used my own CA on my servers, but decided to switch to CAcert because it provides a higher level of trust and authentication than I can provide myself. It also s that I run various Linux servers and desktops such as Debian and Gentoo, which both include CAcert as trusted root. Your situation may be different of course. Greetings, Martijn ----- the link he refers to is: http://wiki.cacert.org/wiki/InclusionStatus hope that s you with your decision, personally I decided to go with it!! heres the warning you get in opera, (you get the chance to press accept - if a user reads it!) ---- - The certificate for "www.sharetvnews.com" is signed by the unknown Certificate Authority "CA Cert Signing Authority". It is not possible to verify that this is a valid certificate ----