Austin Gonyou wrote: > Subject: > > Re: Please help with this Snake Oil problem > From: > > Austin Gonyou <[EMAIL PROTECTED]> > Date: > > Wed, 28 Nov 2001 09:37:38 -0800 > > To: > > [EMAIL PROTECTED] > > > Unless someone is willing to provide official Entrust, Thawte, VeriSign, > etc Certs, I doubt Apache coming from apache.org will EVER have proper > certs. They do cost money and all. Not to mention, Thawte, VeriSign, and > Entrust all have docs on how to create certificates using OpenSSL. > >
In the mean time you should probably just remove the snake-oil certs from the distribution and point them somewhere via a README to get a 'sample' cert > > On Tue, 2001-11-27 at 21:32, Justin Erenkrantz wrote: > >>> On Tue, Nov 27, 2001 at 09:24:36PM -0600, William A. Rowe, Jr. wrote: >> >>>> > this is a perception problem for end users [much like the "It >>> > Worked! > >>>> > Apache is successfully installed." message] that should be avoided >>> >>> when >> >>>> > Apache 2.0's final SSL components are put in place. >>> >>> >>> Which is why we don't enable SSL by default and instead point >>> them at the docs for mod_ssl. >>> >>> However, I believe this runs contrary to how httpd-2.0 will be >>> packaged by third-parties - I think Henri mentioned that he is >>> enabling mod_ssl by default in his RPM builds. I'm not sure >>> if he is including a "Snake Oil" certificate or not. -- justin >> > -- Austin Gonyou Systems Architect, CCNA Coremetrics, Inc. Phone: > 512-796-9023 email: [EMAIL PROTECTED] >
