No. The short answer (and about as much as I understand ;-) is that part
of the purpose of the certificate authorities is that an independent third
party has verified the information provided by your certificate. The
browsers are hardcoded with information about the certificate authorities
and will always ask a user if they want to accept a certificate from an
unknown authority, e.g. you. This situation is also the reason why older
Netscape browsers have problems with Verisign certificates because the
hardcoded info on Verisign expired Jan. 1, 2000 in versions up through
about 4.0.5
The connection itself is still secure, and if you are using it for
non-mission-critical purposes (e.g. selling stuff) you could just put a
message up explaining what the warning means, but if you care how many
people eventually click through you're well advised to spend the $125 to
get a real cert!
Jamie
>Since MSIE and Netscape produce error messages when viewing a self signed
certificate, is there any alternative to getting a >certificate that won't
produce error messages, and that is also free?? Brian
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
