On Thu, Sep 16, 2010 at 12:07 PM, Patrick Lists <centos-list at puzzled.xs4all.nl> wrote: > On 09/16/2010 05:53 PM, Kevin Thorpe wrote: >> On 16/09/2010 16:45, Jerry Geis wrote: >>> hi all, >>> >>> I wish to just have secure browsing for my application. >>> no credit cards or anything like that just secure browser usage is the goal. >>> >>> I can self sign a certificate (I already have) on my servers but for >>> "anyone" accessing the server >>> you see this "nasty" message about "untrusted sight " and all that. >>> This will all be intranet type usage for the server. >>> >>> What is the best method to not see that "untrusted sight" and have the >>> certificate load without >>> and exception? >> Sorry, but you need to buy a certificate. It needs to be signed by an >> authority which already >> has a master certificate in the end user's browser. We use Thawte but >> there are cheaper >> options such as<cough> GoDaddy who offer them for less than GBP 10. > > Or you make sure that all browsers of the users on your Intranet have > imported the CA certificate that signed the webservers certificate. I'm > afraid I don't know how to do that automagically. > > Regards, > Patrick This is the road to madness unless you have a huge corporation with a dedicated PKI team. Just pay the money to get your certificate signed. The amount of time it takes to do and manage it on your own is far more expensive.