[CentOS] https and self signed

Fri Jun 17 14:40:46 UTC 2016
Walter H. <Walter.H at mathemainzel.info>

On 17.06.2016 16:27, Александр Кириллов wrote:
> Walter H. писал 2016-06-16 22:54:
>> On 16.06.2016 21:42, Александр Кириллов wrote:
>>>
>>> I don't think OCSP is critical for free certificates suitable for 
>>> small businesses and personal sites.
>>>
>> this is philosophy;
>>
>> I'd say when you do it then do it good, else don't do it;
>
> Then OCSP stapling is the way to go but it could be a real PITA to 
> setup for the first time and may not be supported by older browsers 
> anyway.
>
not really, because the same server tells the client that the SSL 
certificate is good, as the SSL certificate itself;
these must be independent;

Walter