Apache Webserver for Webmin
Jan Claeys
lists at janc.be
Tue Mar 15 19:56:02 UTC 2011
Avi Greenbury schreef op di 01-03-2011 om 10:12 [+0000]:
> Self-signed certificates, lacking the certificate authority, Allow you
> to encrypt the stream between you and the server, but don't allow you
> to guarantee that the server is who it says it is.
Actually, a self-signed certificate, or a certificate signed by your own
private CA (when maintained properly) can be safer than one signed by
any commercial CA (many of them have proven over and over again not to
be trustworthy).
So this browser warning is--at best--misleading.
The easiest way to get rid of the warning without compromising security
is to create your own CA ("Certificate Authority") that you use to sign
your server certificates, and install the public key of your CA in all
your browsers. But of course you need to keep the private key of your
CA very secure then.
--
Jan Claeys
More information about the sounder
mailing list