[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL Server Certificate


Greetings,

Thanks!  I'm exploring new territory, here, so
I'm not sure if my reasoning is entirely correct.

This is not for commercial use.  I use Perl CGI
scripts to display genomic research data for 
access by other research institutions.

One of these Perl script systems sets configurations
by an "admin" sign-in on a web page.  It just
seems to me that any time passwords are used,
they should be secure.

Also, I am thinking about having a Perl CGI 
development area where I might want to be the
only person who can sign on.

Frankly, right now I wouldn't care about the
certificate warning screen for a development area.
That might work in my favor by discouraging
people who shouldn't be trying to sign on,
anyway.

However, for the general data display area
this would not be appropriate.  This area
would not have to be on a secure server,
though.

--Chet


Quoting Travis Owens <openbook@linuxmds.com>:

> Chet,
> 
> It depends on what you're wanting the cert for. If it's just for
> personal use, or if you don't mind the annoying notification of an
> "Untrusted Certifying Agency" then you don't need to pay a company for
> the cert.
> 
> However, if you are using this in a commercial fashion, where the server
> will have public access, then you'll want the "purchase" cert, because
> that will not cause a warning to all the browsers that hit the secure
> section of your site.
> 
> Remember, the cert is linked to a specific domain name, on a specific
> server, with a specific request key. If any one of these are not exactly
> perfect, the cert will barf when Apache tries to use it.
> 
> If you're doing this on your own, I'll see if I can find a good little
> walk-through for you online. I know I've seen one somewhere before, but
> it's been a while... :(
> 
> HTH,
> Travis
> 
> 
> 
> On Thu, 2004-02-05 at 07:36, Chet Langin wrote:
> > Greetings,
> > 
> > I have compiled Apache with mod_ssl and I have
> > used "make certificate" by I still do not have
> > a server certificate.  I don't quite grasp the
> > concept of what is going on.  Is this something
> > I can do on my own, or am I going to have to
> > pay a service (Veri Sign?) to get this to work?
> > 
> > 
> > ,,Chet Langin,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
> > <http://mypage.siu.edu/clangin> <clangin@siu.edu>
> > ~~~Diagonally parked in a parallel universe ~~~~~
> > 
> > 
> > 
> > -
> > To unsubscribe, send email to majordomo@silug.org with
> > "unsubscribe silug-discuss" in the body.
> -- 
> Travis Owens <openbook@linuxmds.com>
> 
> 
> -
> To unsubscribe, send email to majordomo@silug.org with
> "unsubscribe silug-discuss" in the body.
> 




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.