[Remops] Oops! Small problem!
richard at quicksilvermail.net
richard at quicksilvermail.net
Tue Oct 28 01:31:35 GMT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 26 Oct 2014 23:33:26 +0100, you wrote:
>
>
> On Sun, Oct 26, 2014 at 04:10:36PM -0600, richard at quicksilvermail.net wrote:
> >I tried all the stats sites that have SSL capability and got these
> >results:
> >
> >jeremySSL error -2146697211
> >austria error -2146697191
> >paranoic error -2146697191
> >deuxpi ok
> >
> >Interesting difference in results. It turns out that jeremySSL, austria,
> >and paranoic all have self-signed SSL certificates. When testing with
> >chrome browser, I was warned it could not verify the sites certs.
> >
> >On the other hand, deuxpi, did not throw a warning at all and it
> >successfully got the stats.
> >
> >It looks like the problem is the security warning on jeremySSL, austria,
> >and paranoic.
>
> Try putting the line:
>
> cacert=3D/path/to/certificate/from/server/cert.pem
>
> in the .curlrc file, where cert.pem is the self-signed certificate from
> jeremySSL/austria/paranoici. I'm not sure where the .curlrc file is on
> Windows.
>
> This works for linux.
Sorry to say, there is no curl in windows. There is probably a version
of curl available for windows but few users would have it.
My goal is to find a way to get windows to ignore the cert security
problem and get the page anyway. It doesn't look promising. I'll keep
looking--when I can find some time. I'll post again when I'm ready to
release mixmaster.
Have any of you with self-signed certs seen StartSSL? For $30 dollars a
year (actually $59.90 for 2 years. They are a good service. The charge
is for them to call you and verify your personal identity. They call
within a few minutes of your identity validation request. You end up on
the phone with Eddy for less than a minute. After that _you_ create all
the certs you need, including wildcard and unlimited domains (DNS alt
names). One snag, thunderbird still doesn't recognize them. Off hand, I
don't recall why. Microsoft has recognized them for a long time.
I know that spending money on services we provide must be kept to a
minimum. Ask my wife :) But considering the low cost at StartSSL, it was
a high priority.
Regards,
Richard
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQIcBAEBAgAGBQJUTvOIAAoJEJxtYUVddaeifoAQAL5R9DXykp30IWvX0xZUv+mM
KS+bGIJyn/N6kupkiXQJtlnpCi6/Wrim9lW7nHKZnOsISOhSTx4qptw+xwqgK/jz
rDyDT+1GuquKlbXLquq/2v1vgMp6oWaqjqwn2pHHrMITezRuFlM/qT/2LJOD8pNJ
T0ZFeFu0Nt1/oR51uNmGubdEia2E40aOFHU3+1Xg3M8RFQ39C9Pay2AVp137Iy49
DUWZtZnjWRqw2LptuZrWQexfXFGv9nn4lPVdzvlKhOVUWF9kyAYej9uaxmnTjS4x
u7qtFJnZ45nJXekEXMojOGaiSDjCswpHR9yYOQ4nDg+Mb0QmPf1fcV0HcrepILLZ
pzcADYknHNB9BkGQdT1TbAsHUaylqUDSaJVDN2opjlqevUcFPVgmK+rquWIOCMPb
R98LWwpkI8JQrIBSj7MTNjEHwu0DqP75+bqrJK6GjEuYEZpw1CFU3O49xQiJbZuF
3Ypmdi3KRUfShwnG2Q2NXFikxcThGbd22HAX9EeGdinRMS8/9NDwJ8HbZUJHSiCZ
PecJ77xEfcZAqVnYXwrt/SLlQT0ae8Kn2YH3+5TlezMsz8nlwVdauZXfgXEAxJ6c
YudG+Ew4TUAMMCodQ/JwNhn2I0+mMl+xTcQzj1ie0L3k/Qr3PV3q7f4k4uD2T3Ra
9MjemtTqtWFdJ8Mf5JgA
=i+z0
-----END PGP SIGNATURE-----
More information about the Remops
mailing list