-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
This morning tried to access https://projects.centos.org/trac/artwork/ through firefox and the following response came to me:
- --- Secure Connection Failed
projects.centos.org uses an invalid security certificate.
The certificate expired on 12/10/2008 08:21 PM.
(Error code: sec_error_expired_certificate) * This could be a problem with the server's configuration, or it could be someone trying to impersonate the server. * If you have connected to this server successfully in the past, the error may be temporary, and you can try again later. - ---
Cheers, - -- Alain Reguera Delgado al@ciget.cienfuegos.cu GnuPG : http://ciget.cienfuegos.cu/~al/publickey.asc
Alain Reguera Delgado wrote:
projects.centos.org uses an invalid security certificate. The certificate expired on 12/10/2008 08:21 PM.
I'll look into this.
Alain Reguera Delgado wrote:
projects.centos.org uses an invalid security certificate. The certificate expired on 12/10/2008 08:21 PM.
Should be sorted now
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Karanbir Singh wrote:
Alain Reguera Delgado wrote:
projects.centos.org uses an invalid security certificate. The certificate expired on 12/10/2008 08:21 PM.
Should be sorted now
A few minutes ago, when tried https://projects.centos.org/trac/artwork/ in firefox the following message appeared:
- --- projects.centos.org uses an invalid security certificate.
The certificate is not trusted because it is self signed.
(Error code: sec_error_ca_cert_invalid) - ---
Is that a sign that the new certificate needs to be verified somehow ?
Cheers, - -- Alain Reguera Delgado al@ciget.cienfuegos.cu GnuPG : http://ciget.cienfuegos.cu/~al/publickey.asc
On Mon, Dec 15, 2008 at 7:37 AM, Alain Reguera Delgado al@ciget.cienfuegos.cu wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Karanbir Singh wrote:
Alain Reguera Delgado wrote:
projects.centos.org uses an invalid security certificate. The certificate expired on 12/10/2008 08:21 PM.
Should be sorted now
A few minutes ago, when tried https://projects.centos.org/trac/artwork/ in firefox the following message appeared:
projects.centos.org uses an invalid security certificate.
The certificate is not trusted because it is self signed.
(Error code: sec_error_ca_cert_invalid)
Is that a sign that the new certificate needs to be verified somehow ?
"Or you can add an exception…"
jerry
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Jerry Amundson wrote:
On Mon, Dec 15, 2008 at 7:37 AM, Alain Reguera Delgado al@ciget.cienfuegos.cu wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Karanbir Singh wrote:
Alain Reguera Delgado wrote:
projects.centos.org uses an invalid security certificate. The certificate expired on 12/10/2008 08:21 PM.
Should be sorted now
A few minutes ago, when tried https://projects.centos.org/trac/artwork/ in firefox the following message appeared:
projects.centos.org uses an invalid security certificate.
The certificate is not trusted because it is self signed.
(Error code: sec_error_ca_cert_invalid)
Is that a sign that the new certificate needs to be verified somehow ?
"Or you can add an exception…"
Why not use a public CA for this? Like CAcert.org?
Hugo.
- -- hvdkooij@vanderkooij.org http://hugo.vanderkooij.org/ PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes. >Q: Are you sure? >>A: Because it reverses the logical flow of conversation. >>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Karanbir Singh wrote:
Hugo van der Kooij wrote:
Why not use a public CA for this? Like CAcert.org?
we are starting to have enough certs around now that perhaps a certs.centos.org might be a good idea.
Ohh! ... I like that idea :)
Cheers, - -- Alain Reguera Delgado al@ciget.cienfuegos.cu GnuPG : http://ciget.cienfuegos.cu/~al/publickey.asc
Karanbir Singh napsal(a):
Hugo van der Kooij wrote:
Why not use a public CA for this? Like CAcert.org?
we are starting to have enough certs around now that perhaps a certs.centos.org might be a good idea.
Well, I guess there's no need to create special site to distribute Centos root certificates. We can distribute them via www.centos.org. What we really need is to create own CA. Having projects.centos.org secured via selfsigned cert is not good idea. If there's no one to pick up, I can handle. David Hrbáč
David Hrbáč wrote:
Well, I guess there's no need to create special site to distribute Centos root certificates. We can distribute them via www.centos.org. What we really need is to create own CA. Having projects.centos.org secured via selfsigned cert is not good idea. If there's no one to pick up, I can handle.
I'd be most interested in finding out why you think a self signed cert is not a good idea, for something like projects.centos.org. Keep in context to whats on the other side of projects.centos.org and why its running on https in the first place.
On Dec 20, 2008, at 1:54 PM, Karanbir Singh wrote:
David Hrbáč wrote:
Well, I guess there's no need to create special site to distribute Centos root certificates. We can distribute them via www.centos.org. What we really need is to create own CA. Having projects.centos.org secured via selfsigned cert is not good idea. If there's no one to pick up, I can handle.
I'd be most interested in finding out why you think a self signed cert is not a good idea, for something like projects.centos.org. Keep in context to whats on the other side of projects.centos.org and why its running on https in the first place.
Any particular reason (other than no round 'tuits) why a CAcert signed (rather than self-signed) should not be attempted instead?
Real world experience: my Mac OS X Leopard server is now CAcert'ed, the pain and drudgery were quite tolerable.
73 de Jeff
On Dec 20, 2008, at 1:54 PM, Jeff Johnson wrote:
Any particular reason (other than no round 'tuits) why a CAcert signed (rather than self-signed) should not be attempted instead?
And an entirely different note:
$219/yr for a wildcard cert to never have to discuss crypto in public is extrememly cost effective as well. Paranoia is a disease, treatable sure, but the shrinks cost more $$$ than the cert does.
73 de Jeff
-
Alain Reguera Delgado -
David Hrbáč -
Hugo van der Kooij -
Jeff Johnson -
Jerry Amundson -
Karanbir Singh