[CentOS] https and self signed

Sat Jun 18 13:20:19 UTC 2016
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On Sat, June 18, 2016 7:52 am, Always Learning wrote:
> On Fri, 2016-06-17 at 15:56 +0100, Michael H wrote:
>> On 17/06/16 15:46, James B. Byrne wrote:
>> >
>> > We operate a private CA for our domain and have since 2005.  We
>> > maintain a public CRL strictly in accordance with our CPS and have our
>> > own OID assigned.  Our CPS and CRL together with our active, expired
>> > and revoked certificate inventory is available online at
>> > ca.harte-lyne.ca.  Our CPS states that we will only issue certificates
>> > for our own domain and furthermore we only issue them for equipment
>> > and personnel under our direct control.
>> https://harte-lyne.ca/
> Your connection is not secure
> The owner of harte-lyne.ca has configured their website improperly. To
> protect your information from being stolen, Firefox has not connected to
> this website.

You too huh? Did you, guys read what the owner of that domain wrote? I
would suggest to go back to his post, and read the whole piece he wrote,
not just the paragraph you left quoted here. It is instructive. And he
definitely is qualifies to run Certification Authority. And can teach how
to do it. That is what he did in his post.


Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247