On 10/11/2016 12:00 AM, Mark Hansen wrote:
If you want to avoid this, you need to purchase a certificate signed by a well-known CA and install that on your server.
actually the free certificates issued by several companies, starting with letsencrypt and startssl.com(*), are just fine when installed properly ( i.e. including all the CA and issuer certificates as well, not just the server )
(*) I used to use startssl's certs but I quit this very month given that they were acquired by a shady Chinese company. the topic exceeds the scope of this list so I will not provide details here but http://www.percya.com/2016/09/wosigns-secret-purchase-of-startcom.html (and the links pointed out by this article) + http://www.theregister.co.uk/2016/09/27/mozilla_wants_woeful_wosign_certs_off_the_list/ provide enough info for an educated decision
_______________________________________________ Nut-upsuser mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser
