Am 12.12.2016 um 00:25 schrieb timeless:
Firefox reports:
"bugs.clamav.net uses an invalid security certificate. The certificate is
only valid for bugzilla.clamav.net Error code: SSL_ERROR_BAD_CERT_DOMAIN"
You can bypass the warning if desired.
(FWIW, Chrome also allows this)
Benny Pedersen wrote:
worst advise you ever have giving here
I think he meant that Firefox offers to allow you to continue past the
warning (some warnings in SSL land are fatal) --
Speaking as someone who was involved in this error message.
don't matter - instead of writing a mail that should have been just fixed
Usability and Security are always tradeoffs. If a product is too
hard/painful/cumbersome to use, it doesn't matter if it's the most
secure, people will move away from it
it's not rocket science to deploy SSL certs which match the used
hostnames, at least not when it takes a few seconds to pase a vhost
config and verify if all the names are listed in the cert while the main
question is why a vhost needs that much names at all instead "THAT is
the name of the subdomain and THAT is the certificate for it"
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
