>On Friday, August 25, 2017 1:47 PM, Radovan Drazny wrote: >Subject: Re: Webui to use http not https?
>The setup generates the ssl certificate for use, but is insecure: " Your >connection is not secure" >Since we are using an internal domain "spacewalk-live.internal", access to >this server is only accessible via VPN anyway. >So I don't see the need for an >insecure ssl cert. "Your connection is not secure" is relative. Because your cert is not signed by a recognized CA, DNS cache poisoning could be used to redirect your connection to a different host performing a MITM attack, and therefore not completely secure. However, the connection is still encrypted, and therefore less subject to a whole host of simpler attacks which can be used against http. I would suggest giving Emgee King's option #2 another shot. If your RHN-ORG-TRUSTED-SSL-CERT file is really corrupted then your clients would have problems connecting to your server. So you may have had a transfer issue, or you may be using the wrong cert import approach (you will need to import it as a CA, authorized to authenticate web servers) Cheers, Paul-Andre Panon Senior systems administrator _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
