Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Colonel O'Neill
Caldari Cosmic Vacum Cleaners Enforcers of Serenity
|
Posted - 2010.03.23 03:13:00 -
[1]
I'm using a self-signed SSL cert for a few private things, is there a way to make the IGB allow or add exceptions for untrusted certs? // Colonel O'Neill |
Vanilla Prime
The 0rder Cow Farm
|
Posted - 2010.04.09 18:06:00 -
[2]
Any idea?
I have the same problem with the in game browser:
my self signed certificate is not accepted (Unable to process the website's SSL certficate, Error Code: -202) when the one from my bank is allowed (Veritas CA).
Please, please ;)
|
Mandy Moo
|
Posted - 2010.04.10 11:59:00 -
[3]
You can get a 2 year signed certificate from GoDaddy for $30 which is how I got around this annoyance.
|
Xeross155
Minmatar Fusion Death Inc. Intrepid Crossing
|
Posted - 2010.04.12 09:34:00 -
[4]
Originally by: Mandy Moo You can get a 2 year signed certificate from GoDaddy for $30 which is how I got around this annoyance.
Why would I pay money for something CCP forgot to implement properly ? --------------------------------------------- Xeross' ventures into EVE |
ChrisIsherwood
|
Posted - 2010.04.12 12:06:00 -
[5]
Originally by: Xeross155
Why would I pay money for something CCP forgot to implement properly ?
You are using the EVE user interface, so haven't you already given in?
|
Wollari
The Executives IT Alliance
|
Posted - 2010.04.19 09:54:00 -
[6]
Just get a free SSL Certificate from startssl.com.
They offer Free SSL Certificates and their CA is nowadays included in the majority of web browsers including chrome/eve-igb.
|
Tonto Auri
Vhero' Multipurpose Corp
|
Posted - 2010.04.19 21:35:00 -
[7]
Originally by: Wollari Just get a free SSL Certificate from startssl.com.
They offer Free SSL Certificates and their CA is nowadays included in the majority of web browsers including chrome/eve-igb.
Customer > Hey, there's a bug! CCP > Wat? Oh, nevermind, just don't call this function. -- Thanks CCP for cu |
ChrisIsherwood
|
Posted - 2010.04.20 03:05:00 -
[8]
This is certainly an inconvenience, but is this a bug? If viruses and trojans can create certs (if you can create a SS cert, they can as well), then certs don't add any value; I thought the whole point of certificates was there was an external CA Certificate Authority? Wouldn't allowing selfsigned certs reduce security slightly?
CCP started out very cautious; after CCP feels a bit more comfortable with Chrome security they may start to open up: ignore certs, allow Flash, Java, more header stuff, etc
|
Catari Taga
Centre Of Attention Rough Necks
|
Posted - 2010.04.20 08:53:00 -
[9]
Originally by: ChrisIsherwood This is certainly an inconvenience, but is this a bug? If viruses and trojans can create certs (if you can create a SS cert, they can as well), then certs don't add any value; I thought the whole point of certificates was there was an external CA Certificate Authority? Wouldn't allowing selfsigned certs reduce security slightly?
CCP started out very cautious; after CCP feels a bit more comfortable with Chrome security they may start to open up: ignore certs, allow Flash, Java, more header stuff, etc
The problem is that the IGB is so simple that it does not allow you to verify certificate fingerprints, certification chains, revocation information or anything. All you get is the little lock icon in the upper right corner and you just need to believe the browser has done all the right things - which, considering CCP creates inconceivable bugs like url encoding the hostname part for trusted sites I very much doubt - you would have to be clinically insane to trust their code with your online banking data or anything like that...
Anyway that is the reason they have to reject self-signed certificates because they never included a means to notify you about it.
|
Skyvyr
Caldari Ascendent. Systematic-Chaos
|
Posted - 2010.04.20 17:24:00 -
[10]
I admit I have not checked the IGB's cert chain, but now I will tonight.
Having not tested myself yet, if you import your cert into your OS's cert chain, and mark that as trusted, does the IGB still reject it?
-- I often heard the Sky's the limit, sadly I'm broke fairly often. |
|
Tonto Auri
Vhero' Multipurpose Corp
|
Posted - 2010.04.20 20:21:00 -
[11]
Originally by: Skyvyr I admit I have not checked the IGB's cert chain, but now I will tonight.
Having not tested myself yet, if you import your cert into your OS's cert chain, and mark that as trusted, does the IGB still reject it?
If it ever look into system cert store, it should work. Only watch out for "*" certificates and never ever add them to the permanent storage. -- Thanks CCP for cu |
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |