Comment 1 Lance Albertson (RETIRED) 2005-05-13 06:05:31 UTC

Yeah, I was hoping to do that later on once things calmed down. I have a few people that can get me one from a trusted CA so it shouldn't be a problem. I'll get around to this later.

Comment 2 Kurt Lieber (RETIRED) 2005-05-13 06:28:49 UTC

I'll take a look at this....caleb, can you please provide a link to the free godaddy service?

Comment 3 Kurt Lieber (RETIRED) 2005-05-13 06:49:59 UTC

never mind...

https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp

applied for a cert.

Comment 4 Andrea Barisani (RETIRED) 2005-05-13 08:21:21 UTC

We could build our own intermediate CA and then have that signed by a
trusted CA, this way we'll be free to manage our own certificates.

Any updates on this?

Comment 6 Kurt Lieber (RETIRED) 2005-06-10 10:31:56 UTC

yes, we have a free 1 year cert ready to  use.  Just need to find the time to
roll it out to the servers.

This isn't a high priority, but we will get to it when we have time.

(In reply to comment #5)
> Any updates on this?

I accidently opened a similar bug and proposed the use of CACERT
(http://www.cacert.org)(bug 94382).

Comment 8 Jeffrey Forman (RETIRED) 2005-06-10 12:59:41 UTC

*** Bug 94382 has been marked as a duplicate of this bug. ***

Comment 9 Jakub Moc (RETIRED) 2005-07-01 02:30:22 UTC

*** Bug 97590 has been marked as a duplicate of this bug. ***

Comment 10 Jeffrey Forman (RETIRED) 2005-07-18 11:36:53 UTC

Mark,

lance said you had access to a CA to provide such a cert. how are we looking on
that?

-jeff

Comment 11 Mark Mahle (RETIRED) 2005-07-18 11:38:41 UTC

I offered but he was going to apply for one from godaddy I believe.

I'd be happy to do this. Just send the CSR to mm@vr.org.

Thanks,
Mark

Why no CaCert-Certificate?

Comment 13 Mark Mahle (RETIRED) 2005-07-18 11:41:03 UTC

Actually, I just noticed the update from Kurt saying there already is a cert
available. If that doesn't work out let me know...

Comment 14 Lance Albertson (RETIRED) 2005-07-18 11:41:24 UTC

I think kurt may have been working on that, so he may not what happened to the
godaddy thing.

Comment 15 Lance Albertson (RETIRED) 2005-08-15 18:41:03 UTC

Kurt: Did we ever get this sorted? Would be nice to get some real certs out
there :) If not we could ask Mark for one or Weeve even said he coudl get us one.

Comment 16 Jonathan Smith (RETIRED) 2005-08-16 09:25:31 UTC

just as a random note: it would be nice to roll a "real" certif on forums.g.o
too :-)

Comment 17 Lance Albertson (RETIRED) 2005-08-16 09:32:51 UTC

Yeah, I imagine we could use this in many places including the forums. :)

In the interim until a non-self-signed certificate is used, post the signature 
of the self-signed certificate somewhere that is preferable on a different 
server from https://bugs.gentoo.org so that it can be used to verify that the 
correct certificate is being used if somebody decides to install the 
certificate locally as a trusted root certificate.

Comment 19 Jeffrey Forman (RETIRED) 2005-10-14 09:10:01 UTC

Lance,

I remember seeing you and Corey talk about this the other day. Any status update
on getting the non-self signed certs purchased and in?

Comment 20 Lance Albertson (RETIRED) 2005-10-14 09:18:41 UTC

I'm already on the list silly because of infra-bugs! :-P

Anyways, we're just needing to finalize some ideas and take it to the board for
approval. (I think at least)

Comment 21 Jeffrey Forman (RETIRED) 2005-10-14 12:49:33 UTC

going to close this one and point everyone to bug 108944. since the issue is one
in the same.

Comment 22 Lance Albertson (RETIRED) 2005-10-14 13:22:42 UTC

Going to redo as a DUP.

Comment 23 Lance Albertson (RETIRED) 2005-10-14 13:23:00 UTC

*** This bug has been marked as a duplicate of 108944 ***