[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8477) OpenLDAP.org has a broken TLS certificate

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8477) OpenLDAP.org has a broken TLS certificate
From: michael@stroeder.com
Date: Wed, 10 Aug 2016 20:30:22 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

hyc@symas.com wrote:
> When I discussed this with Kurt, we decided to leave things as-is. Replacing 
> an expired self-signed cert with a non-expired self-signed cert wouldn't 
> change anything, you still need to set an explicit exception in your client to 
> trust the cert.

Hmm, but browsers will likely not allow adding an exception anymore in the near
future. And e.g. using Let's Encrypt isn't that hard (even without installing
the bloated standard client on the system).

Ciao, Michael.

Prev by Date: Re: (ITS#8477) OpenLDAP.org has a broken TLS certificate
Next by Date: Re: (ITS#8477) OpenLDAP.org has a broken TLS certificate
Index(es):
- Chronological
- Thread