----- Original Message ----- From: "Justin Erenkrantz" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 12, 2001 12:37 AM Subject: Re: "make certificate" Doesn't Work, Apache 2.0.28, Unix, and mod_ssl (fwd)
> On Wed, Dec 12, 2001 at 12:50:39AM -0500, Cliff Woolley wrote: > > > > Acked. Did we decide what we're going to do about this? Or is it just > > waiting on somebody to do it? > > I think wrowe and I were of the mind that we shouldn't have any > dummy certificates or any automated process to create a certificate. No... I don't believe we should have a 'stock' dummy certificate of the 'snake oil' variety. If someone wanted to copy the modssl code to create a 'temporary dummy cert' that's a different matter. Just don't try to create dummy data for a ficticious entity as the 'snake oil' example did. > This is a case where I believe it is best to not even try than do > something that'll blow up in our faces later (It Worked anyone?). :) > I think we said that it is okay to point at a HOWTO (now do we write > this HOWTO?). That's not really our responsibility. If you can't > figure out how to create a certificate from the documentation, we > don't want you running a SSL server that implicates the evil > Snake-Oil company. =) Exactly. If they can figure out how to create a certificate, then more power to them (even a blow-by-blow howto would be good.) If they can't RTFM, they are probably a long ways off from running an ssl-enabled server in the first place (if they don't know what port 80 is, how on earth do we expect them to netstat -an | grep "443" :-?) Bill