Firefox certificates for Fedora sites?
Blake Hudson
blake at ispn.net
Mon Nov 19 16:42:19 UTC 2012
Reindl Harald wrote the following on 11/19/2012 10:08 AM:
>
> Am 19.11.2012 17:03, schrieb Sergio:
>> Is it the case that these site owners should contact Mozilla for
>> them to update the certificate bundle or, in the case of official
>> Fedora sites, should an extra package with Fedora certificates be
>> created?
> they won't
>
> these are self signed certs because they do the same: encryption
> if you want you certs accepted from browsers you need to sign
> them by a CA like Thawte what is expensive
>
> that is how https works
>
>
That is not how HTTPS works. HTTPS does not require an expensive
commercial CA like Thawte. First, if Fedora/Redhat wanted, they could
include their own CA certificate with their own distribution with no
additional cost (other than the time creating a CA certificate and
including it on their distribution). Second, there are free or low cost
CAs like StartSSL. I believe StartSSL benefits from Redhat, so they may
be willing to give back to the community at no cost for some of the
items they typically charge for.
More information about the users
mailing list