[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Securing Admin Pages

Subject: Re: [cobalt-security] Securing Admin Pages
From: Matthew Nuzum <cobalt@xxxxxxxxxxxxx>
Date: 22 Feb 2002 14:58:17 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Thu, 2002-02-21 at 13:47, Jeff Lasman wrote:

    Rule of thumb, don't use http; use a secure cert (even a self-signed
    one) and https.
    
    Jeff
I agree, but...
Has anyone noticed a problem when using this technique?  I have found
that when one of the default Cobalt error pages show, such as the 404
page not found error, it shows the images from the SSL server.

If you're using a self signed cert, the person viewing the website get's
security warnings.  One stating that some of the content is secure,
other content isn't, then again stating that you have not chosen to
trust blah blah blah.

Funny problem.  Shouldn't happen.

Follow-Ups:
- Re: [cobalt-security] Securing Admin Pages
  - From: Jeff Lasman
- Re: [cobalt-security] Securing Admin Pages
  - From: Maurice de Laat
- Re: [cobalt-security] Securing Admin Pages
  - From: Jelmer Jellema

References:
- Re: [cobalt-security] Securing Admin Pages
  - From: Declan Caulfield
- Re: [cobalt-security] Securing Admin Pages
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-security] self signed certificate warnings
Next by Date: Re: [cobalt-security] Best way to check email securely?
Previous by thread: Re: [cobalt-security] Securing Admin Pages
Next by thread: Re: [cobalt-security] Securing Admin Pages

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index