The most infuriating thing is that too many people use IE (including myself)! IE breaks so many standards it's incredible. The recent fiasco over handling a file according to its Mime-Type rather than its contents comes to mind. Faking extensions or Mime-Types is trivial, whereas faking contents isn't.
This is precisely why most of the posts to this list seem to involve IE more than mod_ssl. Dismounts soapbox. John >-----Original Message----- >From: Rhys Hopkins [mailto:[EMAIL PROTECTED]] >Sent: 26 February 2002 14:00 >To: '[EMAIL PROTECTED]' >Subject: RE: wildcard certificate errors? > > >Thanks - My own fault for not reading things properly. >Darn infuriating though - considering xx% of users have IE. > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >Sent: 26 February 2002 13:48 >To: [EMAIL PROTECTED] >Subject: RE: wildcard certificate errors? > > >>-----Original Message----- >>From: Rhys Hopkins [mailto:[EMAIL PROTECTED]] >>Sent: 26 February 2002 13:26 >>To: '[EMAIL PROTECTED]' >>Subject: RE: wildcard certificate errors? >> >> >>I have this problem viewing our site with IE5.5 >>Do all microsoft browsers reject wildcard certs ? >Some reject them entirely, eg IE3, but these are no longer supported. I >trust that you mean IE5.5SP2? > >>Is there a patch for IE5 to get round this problem ? > >You should be able to either disable the warning or click past it. >> >>Why don't Thawte tell you about this when you buy the certificate? >> >The information is there on their site: >http://www.thawte.com/getinfo/products/wildcard/overview.html > >I found this clicking the wildcard certificates link from >www.thawte.com. >Not exactly hidden. There's even a link to creating test >certificates that >you can play with until you get the process right. > >Officialy IE doesn't support wildcard certificates, but other than the >original IE5 refusing them unofficially it does. In fact, there were >enormous bugs with IE5 (pre version 5.01). > >- >John Airey >Internet systems support officer, ITCSD, Royal National >Institute for the >Blind, >Bakewell Road, Peterborough PE2 6XU, >Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 >[EMAIL PROTECTED] > >Evolution - A crutch for scientists who can't handle the >existence of the >creator. See "disproven scientific theories" and Romans 1:22. > > >>-----Original Message----- >>From: Julian C. Dunn [mailto:[EMAIL PROTECTED]] >>Sent: 26 February 2002 13:19 >>To: [EMAIL PROTECTED] >>Subject: Re: wildcard certificate errors? >> >> >>On Tue, 26 Feb 2002, Matus "fantomas" Uhlar wrote: >> >>> [26/Feb/2002 09:06:59 15055] [warn] Init: (ssl.fantomas.sk:443) RSA >>> server certificate CommonName (CN) *.fantomas.sk' does NOT >>match server >>> name!? >>> >>> I really don't understand this. *.fantomas.sk DOES match >>ssl.fantomas.sk, >>> right? It works but why does it produce warning? >> >>No, it doesn't, because there are no wildcard expansion >>patterns accepted >>on the server end. Wildcard certs only work because the >>_browser_ accepts >>the wildcard in the CN. >> >>In any case the warning you are seeing is only a warning; it's >>not fatal. >> >>- Julian >> >>-- >>Julian C. Dunn, B.A.Sc <[EMAIL PROTECTED]> >>Senior Software Developer, VerticalScope Inc. >>Tel.: (416) 341-8950 x236 Fax: (416) 341-8959 >>WWW: www.verticalscope.com >> >>"Windows NT encountered the following error: >>The operation was completed successfully." >> >> >>______________________________________________________________________ >>Apache Interface to OpenSSL (mod_ssl) www.modssl.org >>User Support Mailing List [EMAIL PROTECTED] >>Automated List Manager [EMAIL PROTECTED] >>______________________________________________________________________ >>Apache Interface to OpenSSL (mod_ssl) www.modssl.org >>User Support Mailing List [EMAIL PROTECTED] >>Automated List Manager [EMAIL PROTECTED] >> > >- > >NOTICE: The information contained in this email and any attachments is >confidential and may be legally privileged. If you are not the >intended recipient you are hereby notified that you must not use, >disclose, distribute, copy, print or rely on this email's content. If >you are not the intended recipient, please notify the sender >immediately and then delete the email and any attachments from your >system. > >RNIB has made strenuous efforts to ensure that emails and any >attachments generated by its staff are free from viruses. However, it >cannot accept any responsibility for any viruses which are >transmitted. We therefore recommend you scan all attachments. > >Please note that the statements and views expressed in this email >and any attachments are those of the author and do not necessarily >represent those of RNIB. > >RNIB Registered Charity Number: 226227 > >Website: http://www.rnib.org.uk > >14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to find out all about it. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk 14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to find out all about it. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
