Educause Security Discussion mailing list archives
Re: SSL Certificates
From: Steven Tardy <sjt5 () ITS MSSTATE EDU>
Date: Wed, 18 Mar 2009 09:30:13 -0500
Kevin (mclaugkl) Mclaughlin wrote:
How are the rest of you dealing with this type of request? Are there any inherent risks with approving these types of requests? =============================================================== Hello, Kevin Mclaughlin, I am sending this email to ask your help in the approval of our trial SSL certificate application. We have applied a trial SSL certificate from ipsCA (http://certs.ipsca.com<http://certs.ipsca.com/>) for our web site http://XXX<http://xxx/>, which will provide online clinical data collection function for Translational research =====================================================================
we've used IPSCA SSL certificates for a year or two. mostly on test/internal/non-forward facing projects, main ssl pages are still thawte. the only problems we've had were easily solved by proper configuration. 1) browser doesn't have IPSCA root certificate. add to your apache ssl.conf: SSLCertificateChainFile /etc/httpd/conf/ssl.crt/IPS-IPSCABUNDLE.crt 2) java doesn't have IPSCA root certificate. import the bundle into java: /opt/jre/bin/keytool -import -alias ispca -file \ /etc/httpd/conf/ssl.crt/IPS-IPSCABUNDLE.crt -keystore /opt/jre/lib/security/cacerts free is better than not free. -- Steven Tardy Systems Programmer Information Technology Infrastructure Information Technology Services Mississippi State University sjt5 () its msstate edu
Current thread:
- Re: SSL Certificates, (continued)
- Re: SSL Certificates Rowe, Ken (Mar 17)
- Re: SSL Certificates Jeff Giacobbe (Mar 17)
- Re: SSL Certificates Consolvo, Corbett D (Mar 17)
- Re: SSL Certificates John Ladwig (Mar 17)
- Re: SSL Certificates Gary Flynn (Mar 18)
- Re: SSL Certificates Brian Epstein (Mar 18)
- Re: SSL Certificates Ryan Fox (Mar 18)
- Re: SSL Certificates Charlie Prothero (Mar 18)
- Re: SSL Certificates Eric Torgersen (Mar 18)
- Re: SSL Certificates Doug Hoffman (Mar 18)
- Re: SSL Certificates Steven Tardy (Mar 18)
- Re: SSL Certificates Cal Frye (Mar 19)