On Wed, June 15, 2016 10:31 am, Scott Robbins wrote:
On Wed, Jun 15, 2016 at 10:02:57AM -0500, Valeri Galtsev wrote:
On Wed, June 15, 2016 9:17 am, Warren Young wrote:
Nowadays it's quite easy to get normal ssl certificates for free.
E.g.
Today, I would prefer LetâÂÂs Encrypt:
It is philosophically aligned with the open source software world,
rather
than act as bait for a company that would prefer to sell you a cert instead.
I have got question for experts. I just opened settings of Firefox (latest, on FreeBSD), and took a look at the list of Certification Authorities it comes with.
I do see WoSign there (though I'd prefer to avoid my US located servers have certificates signed by authority located in China, hence located sort of behind "the great firewall of China" - call me superstitious).
I do not see neither starttls.com nor letsencrypt.org between Authorities certificates.
I'm not an expert by any means, but I use letsencrypt (mostly for testing) and it's always worked for me in FreeBSD with Firefox, without any special effort on my part. You can try https://srobb.net which is using letsencrypt as its cert.
Thanks, Scott, I made a note, and will use it if there ever will be a need (Now I get certs signed through institutional channel by intermediate authority as well!). Intermediate CAs somehow slept my mind today (I probably missed my morning coffee ;-)
Valeri
++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++