John Hodrien wrote:
On Wed, 15 Jun 2016, John R Pierce wrote:
On 6/15/2016 6:47 AM, Jerry Geis wrote:
How do I get past this? I was looking to just self sign for https.
in my admittedly limited experience with this stuff, you need to create your own rootCA, and use that to sign your certificates, AND you need
to take
the public key of the rootCA and import it into any trust stores that will be used to verify said certificates.
If you don't do this, then there's no real point using SSL at all, and you *should* be forced to override security with arguments:
wget --no-check-certificate curl --insecure
Or, maybe, you're working in a domain, and one upper level website is set up with https-use-strict recursive, so it breaks *everything* below.... I'd like to be able to say "but not me" in the website configuration page - maybe it just throws up a warning, to remind you to pull it when it goes live, but for dev & test....
mark, really tired of it breaking our *internal* documentation wiki for me