SSL and Certificates

To: Apache List <apache-ssl@lists.aldigital.co.uk>
Subject: SSL and Certificates
From: Richard Stagg <squid@bae.co.uk>
Date: Thu, 24 Jun 1999 14:43:03 +0100 (BST)
Delivered-To: mailing list apache-ssl@lists.aldigital.co.uk
Mailing-List: contact apache-ssl-help@lists.aldigital.co.uk; run by ezmlm
Organization: http://www.apache-ssl.org
Reply-To: apache-ssl@lists.aldigital.co.uk

Hello *,

As I have confessed before on this list, I am very far from being at home
with all the aspects of SSL. Hence I wonder if I could harvest some
opinion on what could be a very simple issue.

I run an Apache/SSL server on my Intranet, running OpenSSL. It is purely
for internal use, and required simply to encrypt the contents of a form so
that sensitive information (passwords/salaries etc) can't be sniffed on
the network.

At the moment, people who try to access it get nagged like mad by their
browser about certificates, because I've not got a recognised CA signing
anything on my SSL server.

The bottom line, of course, is that I don't actually _want_ certification.
Since this is for internal use only, there's no need for authentication,
just encryption. Is there any way at all to turn this off, so that my
users don't get bothered by messages that they don't understand?

Help appreciated.

Rgds
Richard Stagg

---------------------------------
Richard Stagg
Internet Architect
squid@bae.co.uk

Prev by Date: httpsd
Next by Date: Re: [apache-ssl] httpsd
Prev by thread: Re: [apache-ssl] Client Authentication: no certificate returned
Next by thread: Re: [apache-ssl] httpsd
Index(es):
- Date
- Thread