John Hodrien wrote:
> On Wed, 15 Jun 2016, John R Pierce wrote:
>
>> On 6/15/2016 6:47 AM, Jerry Geis wrote:
>>> How do I get past this? I was looking to just self sign for https.
>>
>> in my admittedly limited experience with this stuff, you need to create
>> your own rootCA, and use that to sign your certificates, AND you need
to take
>> the public key of the rootCA and import it into any trust stores that will
>> be used to verify said certificates.
>
> If you don't do this, then there's no real point using SSL at all, and you
> *should* be forced to override security with arguments:
>
> wget --no-check-certificate
> curl --insecure
Or, maybe, you're working in a domain, and one upper level website is set
up with https-use-strict recursive, so it breaks *everything* below....
I'd like to be able to say "but not me" in the website configuration page
- maybe it just throws up a warning, to remind you to pull it when it goes
live, but for dev & test....
mark, really tired of it breaking our *internal* documentation wiki
for me