On Fri, 01 Mar 2013 10:40:48 -0600, Brad Mettee <bmet...@pchotshots.com>
wrote:
On 3/1/2013 11:11 AM, Mark Felder wrote:
On Fri, 01 Mar 2013 09:42:58 -0600, <fb...@a1poweruser.com> wrote:
The fact remains, the ms/browsers do find the wiki.freebsd.org
wedsite's certificate invalid because the certificate ip address does
not match the ip address the public dns points to.
You can put a certificate on any IP address you want. It's not embedded
into the certificate. For the most part it only matters that the
CommonName on the certificate matches the hostname of the website and
the certificate chain is valid.
And in this particular case, the certificate is for www.freebsd.org and
freebsd.org, and the browser is complaining because it's being used on
wiki.freebsd.org.
Their certificate should have been issued for *.freebsd.org instead of
just the main site name. Unfortunately I think all of the certificate
issuers charge big $$$ for that type of cert......
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
