Date: Sat, 8 Jan 2005 22:23:15 -0800 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: <tkelly-freebsd-questions@taborandtashell.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: RE: Webmail Frontend to mailboxes. Message-ID: <LOBBIFDAGNMAMLGJJCKNGEPOEPAA.tedm@toybox.placo.com> In-Reply-To: <41DF9191.4070408@taborandtashell.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Tabor Kelly [mailto:tkelly-freebsd-questions@taborandtashell.net] > Sent: Friday, January 07, 2005 11:54 PM > To: Ted Mittelstaedt > Cc: Peter Risdon; Colin J. Raven; FreeBSD Questions > Subject: Re: Webmail Frontend to mailboxes. > > > Ted Mittelstaedt wrote: > > <snip> > > > 5) many issues with getting Apache mod-SSL running properly with a > > self-signed > > key (you have to generate it manually with openssl, the apache > docs that > > say use make key or whatnot don't work) > > I am not doubting you that this was an issue. But it is now documented > quite nicely in the mod_ssl faq As I said, gotchas that were serious EARLIER ON. > (http://www.modssl.org/docs/2.8/ssl_faq.html). Also (as a side note), I > use CAcert (http://www.cacert.org) for my key signing needs. > Pointless for us, as CAcert's root certificate isn't included in I.E., so the end users have to go through the same honky-tonk to include it in their browsers as if you just make your own certs. We use self-signed certs for a great many production items - e-mail webinterface, account stats, imaps, etc. basically anything that a password would go over. Never had a customer have a problem inserting our self-signed cert into their browser, never had any complaints about it either. Only thing we don't do is take credit card#'s online - not because of the SSL issues, but because our credit card processing software is so old that we would either have to pay $500 for an update to it, or the bank requires us to only take #'s by phone or in person. So far nobody here has thought up a good enough reason to pay a bank $500 for new software just to be able to do this when the old software runs fine. We kind of feel that since the bank is saving money by not having to manually process a pack of CC paper slips, that we shouldn't be the ones paying for software to help the bank save itself money, you know? Maybe if it was some other vendor than a bank.... Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?LOBBIFDAGNMAMLGJJCKNGEPOEPAA.tedm>