[CentOS] https and self signed

John Hodrien J.H.Hodrien at leeds.ac.uk
Wed Jun 15 15:16:55 UTC 2016


On Wed, 15 Jun 2016, John R Pierce wrote:

> On 6/15/2016 6:47 AM, Jerry Geis wrote:
>>  How do I get past this? I was looking to just self sign for https.
>
> in my admittedly limited experience with this stuff, you need to create your 
> own rootCA, and use that to sign your certificates, AND you need to take the 
> public key of the rootCA and import it into any trust stores that will be 
> used to verify said certificates.

If you don't do this, then there's no real point using SSL at all, and you
*should* be forced to override security with arguments:

wget --no-check-certificate
curl --insecure

etc.

jh



More information about the CentOS mailing list