It would be nice if infra spring to get an SSL certificate that isn't self signed. It adds a level of professionalism to the site, and keeps the popup from happening (which isn't always 100% ignorable from Windows machines). www.godaddy.com even gives free certs to open source projects. Reproducible: Always Steps to Reproduce:
Yeah, I was hoping to do that later on once things calmed down. I have a few people that can get me one from a trusted CA so it shouldn't be a problem. I'll get around to this later.
I'll take a look at this....caleb, can you please provide a link to the free godaddy service?
never mind... https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp applied for a cert.
We could build our own intermediate CA and then have that signed by a trusted CA, this way we'll be free to manage our own certificates.
Any updates on this?
yes, we have a free 1 year cert ready to use. Just need to find the time to roll it out to the servers. This isn't a high priority, but we will get to it when we have time.
(In reply to comment #5) > Any updates on this? I accidently opened a similar bug and proposed the use of CACERT (http://www.cacert.org)(bug 94382).
*** Bug 94382 has been marked as a duplicate of this bug. ***
*** Bug 97590 has been marked as a duplicate of this bug. ***
Mark, lance said you had access to a CA to provide such a cert. how are we looking on that? -jeff
I offered but he was going to apply for one from godaddy I believe. I'd be happy to do this. Just send the CSR to mm@vr.org. Thanks, Mark
Why no CaCert-Certificate?
Actually, I just noticed the update from Kurt saying there already is a cert available. If that doesn't work out let me know...
I think kurt may have been working on that, so he may not what happened to the godaddy thing.
Kurt: Did we ever get this sorted? Would be nice to get some real certs out there :) If not we could ask Mark for one or Weeve even said he coudl get us one.
just as a random note: it would be nice to roll a "real" certif on forums.g.o too :-)
Yeah, I imagine we could use this in many places including the forums. :)
In the interim until a non-self-signed certificate is used, post the signature of the self-signed certificate somewhere that is preferable on a different server from https://bugs.gentoo.org so that it can be used to verify that the correct certificate is being used if somebody decides to install the certificate locally as a trusted root certificate.
Lance, I remember seeing you and Corey talk about this the other day. Any status update on getting the non-self signed certs purchased and in?
I'm already on the list silly because of infra-bugs! :-P Anyways, we're just needing to finalize some ideas and take it to the board for approval. (I think at least)
going to close this one and point everyone to bug 108944. since the issue is one in the same.
Going to redo as a DUP.
*** This bug has been marked as a duplicate of 108944 ***