Closed Bug 223119 Opened 21 years ago Closed 21 years ago

set up secure despot

Categories

(mozilla.org Graveyard :: Server Operations, task)

Product:
mozilla.org Graveyard
Component:
Server Operations
Platform:
x86
Linux
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: myk, Assigned: endico)

Details

despot used to run under https.  Since it sends passwords over the net in
cleartext (repeatedly), it needs to do so again.  This means we need to buy a
certificate for it and configure Apache for SSL.
We can always do a self-signed cert.  One dialog box for the user to click
through ("this certificate wasn't issued by a Central Authority Mozilla
recognizes, accept it anyway?") but otherwise it works.  You pay money to get
rid of the dialog box. :)
The previous cert had been broken for 18 months (bug 26306). Theres nothing
wrong with a self-signed cert, really, espically for a page thats not intended
to be used by the world at large.
Done.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Removing confidential flag for bugs fixed over a year ago
Group: security
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.