Re: SSL certificate needed?

From: Gerry Doris (gdoris_at_rogers.com)
Date: 03/08/04

Next message: Ed Wilts: "Re: Outlook Client Replacement"

Previous message: Harry Hoffman: ""Change Drive Order" option during Installation"
In reply to: Robert Hartung*: "SSL certificate needed?"
Next in thread: Matt Bazan: "RE: SSL certificate needed?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: redhat-list@redhat.com
Date: Mon, 8 Mar 2004 13:39:44 -0500 (EST)

On Mon, 8 Mar 2004, Robert Hartung* wrote:

>
> Hi all,
> This may be too basic a question but I would like some
> opinions. So here goes:
>
> We are setting up a small web viewer to distribute medical
> x-ray images and reports under SSL. We will be collecting no
> information from the clients. This is a one way street. We
> plan on using SSL, but I wonder if it is necessary to pay
> Verisign US$1600 every two years for their certificate?
>
> Thanks. All input appreciated.
>
> Bob Hartung

Certificate Authorities like Verisign confirm that you are really who you
say you are and their certificates are already preloaded on everyone's
PC. Redhat sticks all the commercial CA's into a file called
/usr/share/ssl/certs/ca-bundle.crt. Microsoft have a similar file
somewhere.

You can accomplish the same thing by using a self signed certificate but
you have the problem of getting your self signed CA added to your client's
bundle. When your clients first log into your server they will see a
popup saying that your certificate is unknown and will be asked if they
want to proceed. They can add your cert to their bundle at this time.

This is quite workable if you have a limited number of known clients who
you can instruct ahead of time on what to expect/do.

-- 
Gerry
"The lyfe so short, the craft so long to learne"  Chaucer
-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

Next message: Ed Wilts: "Re: Outlook Client Replacement"

Previous message: Harry Hoffman: ""Change Drive Order" option during Installation"
In reply to: Robert Hartung*: "SSL certificate needed?"
Next in thread: Matt Bazan: "RE: SSL certificate needed?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: SSL certificate needed?
... On March 8, 2004 08:34 am, Robert Hartung* wrote: ... > We are setting up a small web viewer to distribute medical ... > x-ray images and reports under SSL. ... > Verisign US$1600 every two years for their certificate? ...
(RedHat)
Re: SMS 2003 SP1 Client Install Problem or Policy Retreival Problem?
... > Failed to find running shell process ... >> It is possible that the crypto store has somehow been corrupted. ... >>> The MP is setup and thousands of other clients have access. ... >>> Failed to find the certificate in the store, ...
(microsoft.public.sms.admin)
Re: Dummies Guide for RADIUS/Certs
... I have set up IAS. ... client computers impacts certificate enrollment. ... configure Group Policy for domain member wireless clients so ... Cert Templates that is now enrolled on the IAS server. ...
(microsoft.public.internet.radius)
Re: Need help badly!!! Please....
... ccmdelcert is what you need for the certificate error below. ... > I have also run ccmclean on one of the clients, ... > Failed to find the certificate in the store, retry 1. ... >> The software inventory problem is a different one than the certificate ...
(microsoft.public.sms.admin)
Re: Can this be done? Wireless Access w/o the use if CERTs
... a default certificate is being sent to user ... Could not retrieve the Remote Access Server's certificate due to the ... to use EAP-TLS but you don't have a server certificate. ... EAP-TLS requires certificates on clients and on the IAS server. ...
(microsoft.public.internet.radius)