"Michael D. Mack" wrote: > I am a little skeptical about the SSL that comes stock with the RAQ4. I > have a few pages within the site that have the need. Does anyone have > any good suggestions or important tips on using it properly (other than > following the guides instructions),
Are you talkiing about the ssl infrastructure or your cert? RaQs use openssl for Apache, and if kept up-to-date (I believe it's up-to-date today) it's as secure as it gets. If you're talking about your cert, you should NEVER use a self-signed cert to secure a publicly-accessible site. self-signed certs are fine for testing, and for server administration, though with commercial certs available as inexpensively as $49 or less, there's no reason to use them even for server administration. Why? Because if you use a self-signed cert your client's browser will complain that the cert is from a non-recognized source. > or is it a waste of time and should > I just purchase one from a well known source? Comodo certs are $49 from them, cheaper from a lot of people <hint, smile>. At that price, I'd think a commercial cert is probably a reasonable idea <smile>. > (by the way I do have it on its own IP.) If you didn't, it wouldn't work. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net, P. O. Box 52672, Riverside, CA 92517 voice: +1 909 778-9980 * fax: +1 909 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
