Difference between revisions of "SSL certificates"

From Organic Design wiki
m (Wildcard certs)
(Alternatives)
Line 11: Line 11:
 
[[File:XP successful certificate import.jpg]]
 
[[File:XP successful certificate import.jpg]]
 
[[Category:SSL]]
 
[[Category:SSL]]
 +
 +
==Alternatives to Central Authorities==
 +
 +
:[http://it.slashdot.org/story/11/08/31/2221248/Hackers-May-Have-Nabbed-Over-200-SSL-Certificates Hackers May Have Nabbed Over 200 SSL Certificates]: "Hackers may have obtained more than 200 digital certificates from a Dutch company after breaking into its network, including ones for Mozilla, Yahoo and the Tor project — a considerably higher number than DigiNotar has acknowledged earlier this week when it said 'several dozen' certificates had been acquired by attackers. Among the certificates acquired by the attackers in a mid-July hack of DigiNotar, Van de Looy's source said, were ones valid for mozilla.com, yahoo.com and torproject.org, a system that lets people connect to the Web anonymously. Mozilla confirmed that a certificate for its add-on site had been obtained by the DigiNotar attackers. 'DigiNotar informed us that they issued fraudulent certs for addons.mozilla.org in July, and revoked them within a few days of issue,' Johnathan Nightingale, director of Firefox development, said Wednesday. Looy's number is similar to the tally of certificates that Google has blacklisted in Chrome."

Revision as of 04:34, 1 September 2011

Wildcard certs

RapidSSL do a cheap wildcard cert for US$199 (around half price), but we found that the untrusted root authority still occurs for Windows XP. This means the users will be required to add an exception, which they'd need to do even if we just use a self-signed certificate.

Exmaple images

XP security alert.jpg

XP import certificate wizard.jpg

XP successful certificate import.jpg

Alternatives to Central Authorities

Hackers May Have Nabbed Over 200 SSL Certificates: "Hackers may have obtained more than 200 digital certificates from a Dutch company after breaking into its network, including ones for Mozilla, Yahoo and the Tor project — a considerably higher number than DigiNotar has acknowledged earlier this week when it said 'several dozen' certificates had been acquired by attackers. Among the certificates acquired by the attackers in a mid-July hack of DigiNotar, Van de Looy's source said, were ones valid for mozilla.com, yahoo.com and torproject.org, a system that lets people connect to the Web anonymously. Mozilla confirmed that a certificate for its add-on site had been obtained by the DigiNotar attackers. 'DigiNotar informed us that they issued fraudulent certs for addons.mozilla.org in July, and revoked them within a few days of issue,' Johnathan Nightingale, director of Firefox development, said Wednesday. Looy's number is similar to the tally of certificates that Google has blacklisted in Chrome."