Re: [Savannah-help-public] missing SSL cert from savannah site

[Jon Grant]

Hi Sylvain

Thank you for your reply.

2009/9/28 Sylvain Beucler <address@hidden>:
[..]
>> On http://savannah.gnu.org/ click "Login". See attached error. Close
>> browser and never return to the site. How many visitors does GNU
>> loose because the HTTPS SSL cert is not authenticated as valid by a
>> root cert in browsers?
>
> The plan is to add more documentation about including CAcert (which
> hasn't expired to my knowledge).  I haven't gotten around to do that
> yet, due to other pending issues, but maybe you could contribute it?

I'm happy to contiubte to the right solution. Which in the absence of
Mozilla adding CAcert root certificate is to change your site to use a
valid SSL cert.

Therefore, I've no wish to document the fact on Savannah pages that
there are SSL errors because Mozilla doesn't have a CAcert root. This
isn't even a "workaround"..

>> So again.. I offer to pay for the valid SSL cert, just tell me who
>> to forward it on to. Or tell me when you've paid for it and I will
>> donate the same amount.
>
> I'd also like a certificate for my Java applets, and also one for my
> ms woe .exe installers which (like Firefox' or OpenOffice's) trigger a
> bad-looking warning under recent versions/SPs of that OS.  If you can
> buy that for each Savannah project that would be great.  I have to
> warn you that the annual fee is subtantially higher though (like 50x).

This is a separate topic, Windows Installer signing. I'm running
Ubuntu GNU/Linux, so we only see the SSL cert errors.

Best regards, Jon