The included self-signed certificate is just a
convenience for getting people up and running quickly.
Certs from established authorities should be obtained
by the individual organizations installing/using Fedora,
if desired.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I've marked this for 3.0 as anyone using the included cert will see the expired warnings.
Also, I think obtaining a "trusted" cert would be self-defeating from a security perspective (as it would publicly available/distributed). Also least this way, it's painfully obvious that it's a sample certificate (but useful all the same for testing/evaluating Fedora with SSL) and provides little temptation to use it in a scenario where security actually matters.
Fixed in maintenance-2.2 and trunk
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=189298
Originator: NO
The included self-signed certificate is just a
convenience for getting people up and running quickly.
Certs from established authorities should be obtained
by the individual organizations installing/using Fedora,
if desired.
Logged In: YES
user_id=487398
Originator: NO
I've marked this for 3.0 as anyone using the included cert will see the expired warnings.
Also, I think obtaining a "trusted" cert would be self-defeating from a security perspective (as it would publicly available/distributed). Also least this way, it's painfully obvious that it's a sample certificate (but useful all the same for testing/evaluating Fedora with SSL) and provides little temptation to use it in a scenario where security actually matters.
Fixed in maintenance-2.2 and trunk
Logged In: YES
user_id=189298
Originator: NO
Fixed in maintenance-2.2 rev 6257 and trunk rev 6258