It is the same thing when you install software from Github for example. I do not change my name or do shady things. Yes, I agree, Kinda, Ads do spread more malware than porn, But You should never click on strange links you don't trust, But I have an open profile, I am pretty active in the community. I am aware of ad blockers etc, But nothing beats a clean website that does not even try to track you, Like your own, It also gives me much more control over my own images, I could take them down with ease for example, I share it with no image crawlers, etc :) If people want to waste their time trying to attack my server that is fine, I am not too worried personally Surely with the right bandwidth they could max my capacity and take me down, But it is just temporary and in the end they are only wasting their own time and bandwidth, I also have pretty strong QOS rules, So I probably won't even notice it depending on which IP they attack :) Given our past conversations, I'm disappointed you do not have a more professional approach or attitude than this. Blind trust and anti-mitigation are not among them. While that sadly can't be everyone, Linux is far less about the kernel code itself than the philosophies that govern it. SSLCACertificateFile /etc/ssl/startssl/ca.Originally posted by Houtworm:People who don't trust it can choose not to click on it :) On some level I do tend to assume that Linux users are more security and privacy conscious than most prominent users being above-average and likely professionals within expert fields. SSLCertificateChainFile /etc/ssl/startssl/intermediate.pem SSLCertificateKeyFile /etc/ssl/startssl/.key SSLCertificateFile /etc/ssl/startssl/.crt Options Indexes MultiViews FollowSymLinks Options +ExecCGI -MultiViews +SymLinksIfOwnerMatchĬustomLog $/ssl_access.log combined Options Indexes FollowSymLinks MultiViews Note that the certificate can be used for just about any purpose including (IMAP, SMTPS, Mumble server, etc.) etc/apache2/sites_available/) be sure to reference your certificate and key as well as StartCom’s root certificate, and chain (this will help out older browers). …this goes below the directory directive in your site config: (e.g. Now you have a SSL Certificate (.csr) and Key (.key)Ĩ. Also BE SURE to download the intermediate and root certs.ħ. StartCom will give you your certificate, paste it into a. Here you select the domain the certificate will fall under, then the subdomain for your certificate (must be the same as your certificate request).Ħ. Skip the generate cert option (since you’ve already generated it) and paste the contents of the CSR file you create into the certificate request form.ĥ. The cert will also be good for your naked domain. b3n.org) here, you must enter a sub-domain (such as or in the example below I used reader. StartCom won’t let you enter a naked domain (e.g. SSH into your server and create a new key and CSR, it is of extreme importance that “Common Name” should be your fully qualified domain name. StartCom will send you a validation code, once entered you have verified domain ownership and can create certificates for 30 days.Ĥ. Select an address you can receive email at, the final address comes from your whois record which should be the domain owner’s email address. Enter the domain name you want to validate.ģ. These are real certs that work out of the box in just about every OS / browser I’ve tried (OSX, XP SP3 to Windows 8, IE, Firefox, Safari, Chrome, iOS, Android, Windows 8 Phone, etc.).Ģ. StartCom offers free personal certificates, these aren’t the fake certs where you have to setup your own CA and it only works when people have your CA cert installed. Here’s a quick tutorial on how to obtain and setup a certificate from StartCom. Please see my newer SSL Certificate Guide Using Let’s Encrypt *** *** DEPRECATED StartCom no longer exists.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |