Hi Jim
This is not an issue related to Kannel but to the SSL Certification
Authority mechanism.
In order for a browser to "accept" a cert as valid by default, the owner of
the CA should register itself with the browser developper/owner
(MS/Mozilla/Opera/etc) and, depending on the browser, this could cost
several thousands -and even millions- of dollars. Therefore only big/medium
CA are able to be listed on default accepted CA within most common browsers.
Normally once you tell your browser to accept a cert from a non listed CA,
your browser will remember this and should not ask you to accept the cert
again.
I do work with self signed certs and just tell my customers about this and
have no problems.
Regards
Alvaro
On Mon, Mar 10, 2008 at 5:17 PM, Jim Cropcho <[EMAIL PROTECTED]> wrote:
> Does anybody know how (or if it's possible) to use SSL with a CA? For
> example, when I access Kannel's status page in
> Firefox, I get the familiar
>
> XXX is not a trusted site. Do you want to accept the cert permanently,
> temporarily or not at all?
>
> My cert is the GoDaddy TurboSSL variety, and *IMPORTANT* came with a
> certificate chain (or "intermediate bundle") file.
>
> If I ignore the warning and accept the cert, everything works fine,
> however other machines using my sms gateway are subject to a 'man in the
> middle' attack. (right?)
>
> Thanks in advance for your help!
>
--
|-----------------------------------------------------------------------------------------------------------------|
Envíe y Reciba Datos y mensajes de Texto (SMS) hacia y desde cualquier
celular y
Nextel en México y en mas de 180 paises. Use aplicaciones 2 vias via SMS y
GPRS online
Visitenos en www.smsglobal.com.mx y www.pravcom.com
