[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] SSL Insight
- Subject: Re: [cobalt-security] SSL Insight
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Thu, 29 Aug 2002 18:08:54 -0700
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
"Michael D. Mack" wrote:
> I am a little skeptical about the SSL that comes stock with the RAQ4. I
> have a few pages within the site that have the need. Does anyone have
> any good suggestions or important tips on using it properly (other than
> following the guides instructions),
Are you talkiing about the ssl infrastructure or your cert?
RaQs use openssl for Apache, and if kept up-to-date (I believe it's
up-to-date today) it's as secure as it gets.
If you're talking about your cert, you should NEVER use a self-signed
cert to secure a publicly-accessible site. self-signed certs are fine
for testing, and for server administration, though with commercial certs
available as inexpensively as $49 or less, there's no reason to use them
even for server administration.
Why? Because if you use a self-signed cert your client's browser will
complain that the cert is from a non-recognized source.
> or is it a waste of time and should
> I just purchase one from a well known source?
Comodo certs are $49 from them, cheaper from a lot of people <hint,
smile>. At that price, I'd think a commercial cert is probably a
reasonable idea <smile>.
> (by the way I do have it on its own IP.)
If you didn't, it wouldn't work.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net, P. O. Box 52672, Riverside, CA 92517
voice: +1 909 778-9980 * fax: +1 909 548-9484