Do note that not all users that will chose the SSL package will know how to correctly fill in the fields. My experience tells me if there is a package with XYZ and without most chose it with XYZ even if they don't need it.
So if there is a dialog in the installer that would ask for the information... make sure there is lots of information available on what to enter! My 0,02 EUR Cent ;) On 1/10/07, Issac Goldstand <[EMAIL PROTECTED]> wrote:
I think the MSI should autogenerate a self-signed cert at least (last thing we need is for people to deploy a static pre-distributed cert which would make it that much easier to do man-in-the-middle attacks). Would be great if the MSI had a choice to use an existing cert, or generate a new one with a user supplied DN (fill-in fields for CN, OU, O , L, ST, C), and generated a self-signed cert with that + a .csr for sending to a Trusted Third-Party for signing. Would also be great if there was some GUI for importing a signed cert post-install, similar to the IIS wizard, but that's probably pushing it. Just my $0.02, Issac William A. Rowe, Jr. wrote: > A final question for all, do we wish to install an arbitrary, on the fly self > signed default.crt/default.key? Do we want to help them fill out the details > or use stock details? Or do we want them to use openssl.exe to generate one > for themselves?
-- ~Jorge
