Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 228487

Summary: gentoo bugzilla should use a valid certificate
Product: Gentoo Infrastructure Reporter: basic <basic>
Component: BugzillaAssignee: Bugzilla Admins <bugzilla>
Status: RESOLVED LATER    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description basic 2008-06-20 10:14:29 UTC 
There's no reason why Gentoo's bugzilla should not be using a valid certificate when SSL/TLS is used. With Firefox 3 (and maybe other newer browsers), it brings up a warning and temporarily blocks the site. There are free certificates that can be obtained if money is the issue ( come on, I'm sure the Gentoo foundation can allocate some funds :P ), like godaddy.com gives free certs to open source projects, StartCom gives free class 1 certificates https://www.startssl.com/.

Reproducible: Always

Steps to Reproduce:
1. visit https://bugs.gentoo.org/ with Firefox 3 (clean install/profile)
2.
3.

Actual Results:  
See red guy

Expected Results:  
See bugs.gentoo.org main page
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2008-06-20 16:51:12 UTC 
We're going to be using CACert later, it's just not a high priority right now.

Your definition of 'valid' is also wonky. We care about the encryption, but not so much the identity.

This is a dupe, but I don't have the other bug# on hand.